From 73e91dc28c2993aef62702a8d949c0fb02e2231c Mon Sep 17 00:00:00 2001
From: Diogo Teles Sant'Anna <diogoteles@google.com>
Date: Tue, 7 Mar 2023 18:57:54 -0300
Subject: [PATCH] ci: set minimal permissions on workflows (#248)

---
 .github/workflows/macos.yml   | 2 ++
 .github/workflows/ubuntu.yml  | 2 ++
 .github/workflows/windows.yml | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 303fec0..24f5fc2 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -2,6 +2,8 @@ name: macos
 
 on: [push, pull_request]
 
+permissions: read-all
+
 jobs:
   build:
     runs-on: ${{matrix.config.os}}
diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml
index ea55625..98c3e28 100644
--- a/.github/workflows/ubuntu.yml
+++ b/.github/workflows/ubuntu.yml
@@ -2,6 +2,8 @@ name: ubuntu
 
 on: [push, pull_request]
 
+permissions: read-all
+
 jobs:
   ubuntu:
     runs-on: ubuntu-20.04
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index c65377b..8ef0d5e 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -2,6 +2,8 @@ name: windows
 
 on: [push, pull_request]
 
+permissions: read-all
+
 jobs:
   build:
     runs-on: ${{matrix.config.os}}