Merge pull request #7 from DanielVolz/fix/codeql-alerts

ci: add explicit permissions to workflows
2025-12-30 13:08:30 +01:00
parent 9c70eead9b d405ff4b2b
commit a80cc43b06
2 changed files with 8 additions and 0 deletions
@@ -11,6 +11,10 @@ on:
        required: false
        default: ''

+# Default minimal permissions
+permissions:
+  contents: read
+
 env:
  REGISTRY: ghcr.io

@@ -4,6 +4,10 @@ on:
  pull_request:
    branches: [main]

+# Minimal permissions for security
+permissions:
+  contents: read
+
 jobs:
  # =============================================================================
  # Backend Tests