mongodb · timgraham · Jul 31, 2025 · Jul 31, 2025
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
@@ -26,6 +26,8 @@ jobs:
       - name: Run linters
         run: |
           pre-commit run --hook-stage=manual --all-files
+    permissions:
+        contents: read
   docs:
     name: Docs Checks
     runs-on: ubuntu-latest
@@ -46,3 +48,5 @@ jobs:
         run: |
           cd docs
           make html
+    permissions:
+        contents: read
diff --git a/.github/workflows/test-python-atlas.yml b/.github/workflows/test-python-atlas.yml
@@ -54,3 +54,5 @@ jobs:
         run: bash .github/workflows/start_local_atlas.sh mongodb/mongodb-atlas-local:7
       - name: Run tests
         run: python3 django_repo/tests/runtests.py --settings mongodb_settings -v 2
+    permissions:
+        contents: read
diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml
@@ -55,3 +55,5 @@ jobs:
           mongodb-version: 6.0
       - name: Run tests
         run: python3 django_repo/tests/runtests_.py
+    permissions:
+        contents: read