From 8396f6fc62994b13a8c3299bccc7c9e54fd1af71 Mon Sep 17 00:00:00 2001
From: Andrew <andrew.jinshen@gmail.com>
Date: Tue, 4 Oct 2022 01:08:10 +0800
Subject: [PATCH] Update security permissions for GitHub workflows

---
 .github/workflows/build-publish.yml | 2 ++
 .github/workflows/linux-test.yml    | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml
index bfd50d1f..b10dbbea 100644
--- a/.github/workflows/build-publish.yml
+++ b/.github/workflows/build-publish.yml
@@ -17,6 +17,8 @@ on:
 jobs:
   build-wheels:
     runs-on: ${{ matrix.os }}
+    permissions:
+      contents: read
     strategy:
       matrix:
         include:
diff --git a/.github/workflows/linux-test.yml b/.github/workflows/linux-test.yml
index 7381987e..7144f4a2 100644
--- a/.github/workflows/linux-test.yml
+++ b/.github/workflows/linux-test.yml
@@ -9,6 +9,9 @@ on:
   pull_request:
     branches: [ master ]
 
+permissions:
+  contents: read
+
 jobs:
   build: