Add workflow permissions for security

- Add explicit permissions block to restrict GITHUB_TOKEN - Set contents: read permission (minimum required) - Addresses CodeQL security alert Co-authored-by: johndoe6345789 <224850594+johndoe6345789@users.noreply.github.com>
2026-04-24 13:45:03 +00:00 · 2025-12-27 03:52:17 +00:00
parent edfcf00d2e
commit 64fcbeced6
1 changed files with 4 additions and 0 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -18,6 +18,10 @@ on:
        default: 'linux,macos,windows'
        type: string

+# Restrict GITHUB_TOKEN permissions for security
+permissions:
+  contents: read
+
 jobs:
  # Pre-build checks - fast failure for common issues
  lint: