From fdd96d702d1b02ff0b74ab5ac6fa61cde55053f8 Mon Sep 17 00:00:00 2001 From: Konstantin Dinev Date: Wed, 15 Oct 2025 15:46:53 +0300 Subject: [PATCH] Potential fix for code scanning alert no. 11: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/npm-publish.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index fa7cd35db68..112358f82e8 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -1,4 +1,6 @@ name: Npm.js deploy +permissions: + contents: read on: release: