From ed0961d0460bc1325351d42a7b88ba0ab5dc1b91 Mon Sep 17 00:00:00 2001
From: Alex Leites <18728999+tallaxes@users.noreply.github.com>
Date: Wed, 4 Sep 2024 13:57:01 -0700
Subject: [PATCH] Set top-level permissions to `contents: read` (#476)

---
 .github/workflows/release-trigger.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release-trigger.yaml b/.github/workflows/release-trigger.yaml
index 660e2324a..5e9393669 100644
--- a/.github/workflows/release-trigger.yaml
+++ b/.github/workflows/release-trigger.yaml
@@ -5,6 +5,9 @@ name: Release Trigger
 on:
     workflow_dispatch:
 
+permissions:
+  contents: read
+
 jobs:
   generate-sem-ver:
     permissions:
@@ -31,4 +34,4 @@ jobs:
           # Using the current latest major version of semantic-release v24, to
           # prevent automated breaking changes, but still pickup features and patches ASAP.
           # Will need to adopt new major versions as they are released.
-          npx semantic-release@24
\ No newline at end of file
+          npx semantic-release@24