Potential fix for code scanning alert no. 4: Workflow does not contain permissions

TheWicklowWolf · github-advanced-security[bot] · web-flow · commit f634c2b8b134 · 2025-07-31T12:14:25.000+01:00
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,5 +1,8 @@
 name: ci
 
+permissions:
+  contents: read
+
 on:
   push:
     branches:
@@ -9,6 +12,8 @@ on:
 
 jobs:
   bump-version-and-create-release-tag:
+    permissions:
+      contents: write
     runs-on: ubuntu-latest
     env:
       GH_TOKEN: ${{ secrets.PAT_TOKEN }}
