From 96882690279945b7dd96f9af081edf38e3cee4dc Mon Sep 17 00:00:00 2001
From: Alois Klink <alois@aloisklink.com>
Date: Sun, 24 Sep 2023 17:07:30 +0100
Subject: [PATCH] ci(release-draft): limit GITHUB_TOKEN permissions

Limit the `GITHUB_TOKEN` permissions for `toolmantim/release-drafter`
to the minimum required permissions.
---
 .github/workflows/release-draft.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/release-draft.yml b/.github/workflows/release-draft.yml
index a37b7bcf2..d57daf67d 100644
--- a/.github/workflows/release-draft.yml
+++ b/.github/workflows/release-draft.yml
@@ -5,9 +5,15 @@ on:
     branches:
       - develop
 
+permissions:
+  contents: read
+
 jobs:
   draft-release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write # write permission is required to create a github release
+      pull-requests: read # required to read PR titles/labels
     steps:
       - name: Draft Release
         uses: toolmantim/release-drafter@v5