From 1a17fc17bb1cf697d48e9d68483d4ec7f364caee Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Sat, 21 Jan 2023 18:55:17 +0100
Subject: [PATCH] GitHub Workflows security hardening (#15708)

---
 .github/workflows/vulncheck.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/vulncheck.yml b/.github/workflows/vulncheck.yml
index db6a8b292..a65c768b0 100644
--- a/.github/workflows/vulncheck.yml
+++ b/.github/workflows/vulncheck.yml
@@ -6,6 +6,10 @@ on:
   push:
     branches:
       - master
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
   vulncheck:
     name: Analysis