From 6dea339536a078247c633dfacf032ab22a2a79e5 Mon Sep 17 00:00:00 2001 From: Mardav Wala Date: Thu, 14 Aug 2025 18:46:02 -0400 Subject: [PATCH] Potential fix for code scanning alert no. 6: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/check-dist.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 37b7f02..e3f7bae 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -4,6 +4,8 @@ # For our project, we generate this file through a build process from other source files. # We need to make sure the checked-in `index.js` actually matches what we expect it to be. name: Check dist/ +permissions: + contents: read on: push: