From 4f938eabf171fa96497ee172b21f823991fb7e7d Mon Sep 17 00:00:00 2001
From: orangetin <126978607+orangetin@users.noreply.github.com>
Date: Wed, 30 Apr 2025 09:06:22 -0700
Subject: [PATCH] Potential fix for code scanning alert no. 5: Workflow does
 not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/upload-to-pypi.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/upload-to-pypi.yml b/.github/workflows/upload-to-pypi.yml
index 89adb035..75e27c96 100644
--- a/.github/workflows/upload-to-pypi.yml
+++ b/.github/workflows/upload-to-pypi.yml
@@ -4,6 +4,10 @@ on:
   release:
     types: [published]
 
+permissions:
+  contents: read
+  packages: write
+
 env:
   POETRY_VERSION: "2.1.1"