From d3f8bd4f5cce45b9ad67d582126001ba6e81e9c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pikach=C3=BA?= <engbethany4@gmail.com>
Date: Tue, 6 Feb 2024 08:08:53 +0000
Subject: [PATCH] update permission on GitHub Token

---
 ...azure-static-web-apps-purple-hill-04aebfb03.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/.github/workflows/azure-static-web-apps-purple-hill-04aebfb03.yml b/.github/workflows/azure-static-web-apps-purple-hill-04aebfb03.yml
index 93e2173..83009d1 100644
--- a/.github/workflows/azure-static-web-apps-purple-hill-04aebfb03.yml
+++ b/.github/workflows/azure-static-web-apps-purple-hill-04aebfb03.yml
@@ -14,6 +14,13 @@ jobs:
     if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
     runs-on: ubuntu-latest
     name: Build and Deploy Job
+    permissions:
+      actions: read
+      contents: read
+      deployments: read
+      packages: none
+      pull-requests: write
+      security-events: write
     steps:
       - uses: actions/checkout@v2
         with:
@@ -35,6 +42,13 @@ jobs:
   close_pull_request_job:
     if: github.event_name == 'pull_request' && github.event.action == 'closed'
     runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      deployments: read
+      packages: none
+      pull-requests: write
+      security-events: write
     name: Close Pull Request Job
     steps:
       - name: Close Pull Request