From 6e4796acb68a6dac79d92817d2ce05f3199b1b8d Mon Sep 17 00:00:00 2001
From: Adnan Khan <AdnaneKhan@users.noreply.github.com>
Date: Mon, 20 Oct 2025 21:37:16 -0400
Subject: [PATCH] Scope down GitHub token permissions for
 ci_static-analysis.yaml

---
 .github/workflows/ci_static-analysis.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/ci_static-analysis.yaml b/.github/workflows/ci_static-analysis.yaml
index f5458d4..83269e3 100644
--- a/.github/workflows/ci_static-analysis.yaml
+++ b/.github/workflows/ci_static-analysis.yaml
@@ -3,6 +3,10 @@ name: static analysis
 
 on: ["pull_request", "push"]
 
+
+permissions:
+  contents: read
+
 jobs:
   not-grep:
     runs-on: ubuntu-latest