From b90194783bf31fb4eaf611b11b6c38b85d7851a9 Mon Sep 17 00:00:00 2001
From: Grace Park <gracepark@github.com>
Date: Wed, 23 Oct 2024 08:33:55 -0700
Subject: [PATCH] Add read permissions to GitHub workflows

---
 .github/workflows/node.js.yml | 3 +++
 .github/workflows/publish.yml | 1 +
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
index 0164208..1eb2c9b 100644
--- a/.github/workflows/node.js.yml
+++ b/.github/workflows/node.js.yml
@@ -9,6 +9,9 @@ on:
   pull_request:
     branches: [ main ]
 
+permissions:
+  contents: read
+
 jobs:
   build:
 
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 7b520a3..4ec5765 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -5,6 +5,7 @@ on:
     types: [created]
 
 permissions:
+  contents: read
   id-token: write
 
 jobs: