From 0d3a92ace66770fd5c2c0be8cf7e39cfe7f3337d Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Mon, 19 Sep 2022 23:30:11 +0200
Subject: [PATCH] build: harden pre-commit.yml permissions Signed-off-by: Alex
 <aleksandrosansan@gmail.com>

---
 .github/workflows/pre-commit.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
index 9c29ed056..085bae46d 100644
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -6,8 +6,14 @@ on:
       - master
   pull_request:
 
+permissions:
+  contents: read
+
 jobs:
   pre-commit:
+    permissions:
+      contents: write # to push back fixes to PR branch (pre-commit/action)
+
     runs-on: ubuntu-20.04
 
     steps: