From ec689f198ce719ccaaea697b5a80cb2dd60e2146 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marius=20Co=C8=9Bofan=C4=83?= <marius.coto@gmail.com>
Date: Fri, 30 May 2025 16:24:39 +0200
Subject: [PATCH] Define workflow permissions

---
 .github/workflows/repository-maintenance.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/repository-maintenance.yml b/.github/workflows/repository-maintenance.yml
index db3d309a..6feb7d49 100644
--- a/.github/workflows/repository-maintenance.yml
+++ b/.github/workflows/repository-maintenance.yml
@@ -5,6 +5,12 @@ on:
     branches: ['main']
   workflow_dispatch:
 
+permissions:
+  actions: read
+  contents: write
+  pull-requests: read
+  id-token: write
+
 concurrency:
   group: ${{ github.workflow }}${{ github.ref_name != github.event.repository.default_branch && github.ref || github.run_id }}
   cancel-in-progress: ${{ github.ref_name != github.event.repository.default_branch }}