From 9fea93fa4ad582b8133c99475fdf9a12406359a4 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 20 Nov 2025 19:28:02 +0000
Subject: [PATCH 1/2] Initial plan


From 6a1a8d3f2bd8cd00127f2c85bf992e3fe124ed2f Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 20 Nov 2025 19:31:46 +0000
Subject: [PATCH 2/2] Add explicit permissions to workflow files

Co-authored-by: jonrohan <54012+jonrohan@users.noreply.github.com>
---
 .github/workflows/nodejs.yml  | 2 ++
 .github/workflows/publish.yml | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
index 2b61ab6..f3fc565 100644
--- a/.github/workflows/nodejs.yml
+++ b/.github/workflows/nodejs.yml
@@ -4,6 +4,8 @@ on: push
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - uses: actions/checkout@v2
       - name: Use Node.js 18.x
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 8e219eb..0ec024d 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -7,6 +7,8 @@ on:
 jobs:
   publish-npm:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3