feat: Add explicit GITHUB_TOKEN permissions for release workflow

lavie · Jan 29, 2025 · 42eef72 · 42eef72
1 parent 0d235bd
commit 42eef72
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -9,12 +9,14 @@ jobs:
     runs-on: ubuntu-latest
     # Only run this job if we're not already creating a release
     if: "!contains(github.event.head_commit.message, 'chore(release):')"
+    permissions:
+      contents: write  # Needed for creating tags and releases
 
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}  # Using built-in token with explicitly granted permissions
 
       - uses: actions/setup-python@v5
         with: