From 9285103c538521f0912bb5e4e8f1908bdc04a8a4 Mon Sep 17 00:00:00 2001
From: Jan Calanog <nejcalanog@gmail.com>
Date: Wed, 21 Feb 2024 02:30:17 +0700
Subject: [PATCH] security: add permissions block to workflows (#76)

---
 .github/workflows/lint.yml | 3 +++
 .github/workflows/test.yml | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index c3fcc4a9..79e66341 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -13,6 +13,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
+permissions:
+  contents: read
+
 jobs:
   lint:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 853acfc5..3054429e 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -24,6 +24,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
+permissions:
+  contents: read
+
 jobs:
   test-vers:
     # TODO: services eventually will go here