From 69282ad49e65c2c9551f14d558400818db753534 Mon Sep 17 00:00:00 2001 From: Andy Kenward Date: Thu, 18 Sep 2025 18:39:24 +0100 Subject: [PATCH] Potential fix for code scanning alert no. 55: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/check-dist.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index b184f3ec..d7c98a65 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -6,6 +6,8 @@ # For our project, we generate this file through a build process from other source files. # We need to make sure the checked-in `index.js` actually matches what we expect it to be. name: check dist +permissions: + contents: read on: push: