Add explicit GITHUB_TOKEN permissions to Docker workflow for security

Copilot · npv2k1 · Copilot · commit d2cc2799bcc2 · 2025-11-01T15:50:37.000Z
Co-authored-by: npv2k1 &lt;73846954+npv2k1@users.noreply.github.com&gt;
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -6,10 +6,15 @@ on:
   pull_request:
     branches: [ "main" ]
 
+permissions:
+  contents: read
+
 jobs:
   docker-build:
     name: Docker Build Test
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
     - uses: actions/checkout@v4
     
@@ -33,6 +38,8 @@ jobs:
   docker-compose:
     name: Docker Compose Validation
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
     - uses: actions/checkout@v4
     
