emotion-js · Andarist · Dec 1, 2022 · Sep 20, 2022 · Sep 20, 2022 · Dec 1, 2022
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -6,6 +6,9 @@ on:
       - main
   pull_request:
 
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
   test:
     name: 'Tests on ${{matrix.platform}}'

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,8 +8,13 @@ on:
 
 concurrency: ${{ github.workflow }}-${{ github.ref }}
 
+permissions: {}
 jobs:
   release:
+    permissions:
+      contents: write # to create release 
+      pull-requests: write # to create pull request 
+
     name: Release
     runs-on: ubuntu-latest
     steps: