From 2d387d908dbf23e158869872b45fdaabc28d4c28 Mon Sep 17 00:00:00 2001
From: Brad Keryan <brad.keryan@ni.com>
Date: Mon, 19 May 2025 17:43:20 -0500
Subject: [PATCH] github: Specify CI/PR permissions

---
 .github/workflows/CI.yml | 5 +++++
 .github/workflows/PR.yml | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
index a546999..eb7748a 100644
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@@ -8,6 +8,11 @@ on:
   workflow_call:
   workflow_dispatch:
 
+permissions:
+  contents: read
+  checks: write
+  pull-requests: write
+
 jobs:
   check_nipanel:
     name: Check nipanel
diff --git a/.github/workflows/PR.yml b/.github/workflows/PR.yml
index ddb6c24..178ee68 100644
--- a/.github/workflows/PR.yml
+++ b/.github/workflows/PR.yml
@@ -8,6 +8,11 @@ on:
   workflow_call:
   workflow_dispatch:
 
+permissions:
+  contents: read
+  checks: write
+  pull-requests: write
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true