From f00587ec68943c301dc8a18e92b2057ce2af027b Mon Sep 17 00:00:00 2001
From: Franck Gaudin <franck.gaudin@workleap.com>
Date: Fri, 26 Apr 2024 11:57:50 -0400
Subject: [PATCH] add permission on workflow

---
 .github/workflows/release.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a736fad..56ef072 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -19,6 +19,10 @@ jobs:
   release:
     needs: lint
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write # required for provenance https://docs.npmjs.com/generating-provenance-statements#publishing-packages-with-provenance-via-github-actions
+      contents: write
+      pull-requests: write
     steps:
       - uses: actions/checkout@v2
         with: