From 2855b6882e8aa51508fc38cb1ffd229ce7a4ad86 Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Tue, 20 Sep 2022 16:29:54 +0200
Subject: [PATCH] build: harden release.yml permissions Signed-off-by: Alex
 <aleksandrosansan@gmail.com>

---
 .github/workflows/release.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8f3c8a6ce..fda6aa2c9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,8 +5,13 @@ on:
   release:
     types: [published]
 
+permissions: {}
 jobs:
   generate:
+    permissions:
+      contents: write # to create branch (peter-evans/create-pull-request)
+      pull-requests: write # to create a PR (peter-evans/create-pull-request)
+
     name: 'Update node-red-docker image'
     runs-on: ubuntu-latest
     steps: