From fd08056f385b0233b7e329e372421e915c4db8e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Amar=20=C4=8Cerim?= <amar-cerim@hotmail.com>
Date: Sun, 2 Apr 2023 12:49:25 +0200
Subject: [PATCH] clarify permissions needed for github token

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 97318c25..c3195edb 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ Let's suppose you have a workflow with a job in it that at the end uploads an ar
   with:
     # Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
     # Required, if the artifact is from a different repo
-    # Required, if the repo is private a Personal Access Token with `repo` scope is needed
+    # Required, if the repo is private a Personal Access Token with `repo` scope is needed or GitHub token in a job where the permissions `action` scope set to `read`
     github_token: ${{secrets.GITHUB_TOKEN}}
     # Optional, workflow file name or ID
     # If not specified, will be inferred from run_id (if run_id is specified), or will be the current workflow