From bfe4aba423d03c28394831bfee8eb964f586d730 Mon Sep 17 00:00:00 2001
From: Joyce <joycebrumu.u@gmail.com>
Date: Tue, 14 Mar 2023 17:36:31 -0300
Subject: [PATCH] Add minimum GitHub token permissions for workflows (#7541)

* Update gradle_release.yml to contents write

* Update gradle_snapshot.yml to contents write
---
 .github/workflows/gradle_release.yml  | 5 +++++
 .github/workflows/gradle_snapshot.yml | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/.github/workflows/gradle_release.yml b/.github/workflows/gradle_release.yml
index da5931624c..1a32ddb249 100644
--- a/.github/workflows/gradle_release.yml
+++ b/.github/workflows/gradle_release.yml
@@ -10,10 +10,15 @@ on:
     tags:
       - 'v3.*.*'   
 
+permissions:
+  contents: read
+
 jobs:
   build:
 
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     env:
       CI_BUILD_NUMBER: ${{ github.run_number }}
     steps:
diff --git a/.github/workflows/gradle_snapshot.yml b/.github/workflows/gradle_snapshot.yml
index c241705126..8d1be2f111 100644
--- a/.github/workflows/gradle_snapshot.yml
+++ b/.github/workflows/gradle_snapshot.yml
@@ -6,12 +6,17 @@ name: Snapshot
 on:
   push:
     branches: [ '3.x' ]
+    
+permissions:
+  contents: read
 
 jobs:
   build:
 
     runs-on: ubuntu-latest
     if: github.repository == 'ReactiveX/RxJava'
+    permissions:
+      contents: write
     env:
       # ------------------------------------------------------------------------------ 
       CI_BUILD_NUMBER: ${{ github.run_number }}