From 544d6aa5c2660469459c390a8e3d2a3db58d182c Mon Sep 17 00:00:00 2001
From: Sung Yoon Whang <sungyoon@uber.com>
Date: Mon, 20 Mar 2023 09:52:44 -0700
Subject: [PATCH] Minimize permissions to CI workflows (#133)

Set only read permission on CI workflows since they don't need write access.

Fixes #132.
---
 .github/workflows/fossa.yaml | 3 +++
 .github/workflows/go.yml     | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml
index 86e6db7..01f3c67 100644
--- a/.github/workflows/fossa.yaml
+++ b/.github/workflows/fossa.yaml
@@ -1,6 +1,9 @@
 name: FOSSA Analysis
 on: push
 
+permissions:
+  contents: read
+
 jobs:
 
   build:
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 53c53d4..8e9f05f 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -7,6 +7,9 @@ on:
   pull_request:
     branches: ['*']
 
+permissions:
+  contents: read
+
 jobs:
 
   build: