From 7ef8d2054ecf60d4710aef07daad74c0517e4709 Mon Sep 17 00:00:00 2001
From: Dan <8297864+D-K-P@users.noreply.github.com>
Date: Mon, 19 May 2025 16:50:16 +0100
Subject: [PATCH] Potential fix for code scanning alert no. 6: Workflow does not contain permissions
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
.github/workflows/release.yml | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 66cdbc0abe..1abfa223be 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,6 +18,10 @@ jobs:
 release:
 name: 🦋 Changesets Release
 runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ packages: write
+ pull-requests: write
 if: github.repository == 'triggerdotdev/trigger.dev'
 outputs:
 published: ${{ steps.changesets.outputs.published }}
@@ -93,6 +97,8 @@ jobs:
 publish:
 needs: release
 uses: ./.github/workflows/publish.yml
+ permissions:
+ contents: read
 secrets: inherit # if: needs.release.outputs.published == 'true' # disable automatic publishing for now
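Review bot: `packages: write` in the new `permissions:` block of the `release` job looks broader than the job needs. A Changesets release normally needs `contents: write` to push the version commit and tags and `pull-requests: write` to open the release PR, while `packages: write` only matters if a step pushes to GitHub Packages or GHCR. The job's steps lie outside the hunk, so confirm that before dropping it. A job-level `permissions:` block also sets every unlisted scope to `none`, so check that no step depends on another scope such as `id-token: write`. A short comment per scope, for example `contents: write  # push version commit and tags`, would keep the grant reviewable.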
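Review bot: The `permissions:` / `contents: read` pair added to the `publish` job caps the GITHUB_TOKEN for every job in the called `./.github/workflows/publish.yml`, because a reusable workflow can only lower, never raise, the permissions its caller grants. If any job in publish.yml declares a wider scope (for instance `packages: write`), the run fails at startup with a permissions error rather than at the step that needs it. publish.yml is not visible here, so this needs checking against that file. The existing `secrets: inherit` still hands every secret available to the caller to the called workflow, so narrowing the token alone does not make this call least-privilege; passing only the named secrets publish.yml uses would. The job definition continues past the hunk.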