Add empty permissions block in Github Actions configs

roji · roji · commit f46d0967c685 · 2025-12-25T10:15:10.000+01:00
To restrict all permissions by default (CodeQL warning)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -10,6 +10,9 @@ on:
       - v*
   pull_request:
 
+permissions:
+  contents: read
+
 env:
   postgis_version: 3
   DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
diff --git a/.github/workflows/trigger-doc-build.yml b/.github/workflows/trigger-doc-build.yml
@@ -8,6 +8,9 @@ on:
     branches:
       - docs
 
+permissions:
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest
diff --git a/EFCore.PG.slnx b/EFCore.PG.slnx
@@ -11,7 +11,7 @@
   <Folder Name="/Github/">
     <File Path=".github/dependabot.yml" />
     <File Path=".github/workflows/build.yml" />
-    <File Path=".github/workflows/codeql-analysis.yml" />
+    <File Path=".github/workflows/trigger-doc-build.yml" />
   </Folder>
   <Folder Name="/src/">
     <Project Path="src/EFCore.PG.NodaTime/EFCore.PG.NodaTime.csproj" />
