From 8663e33353bc7fff7ae41af8a449b5f9171e4c35 Mon Sep 17 00:00:00 2001
From: Josh Soref <2119212+jsoref@users.noreply.github.com>
Date: Fri, 28 Jun 2024 10:32:03 -0400
Subject: [PATCH] infra/workflow: Declare limited permissions for regression

Note that this workflow currently imagines writing a comment.
It does not actually try to do so, and thus there is no need to ask
for permission to use `pull-requests: write`.

If at some point, someone decides to fix that feature, they
will need to add that permission.

OTOH, using a GitHub Step Summary instead does not require any permissions.
---
 .github/workflows/regression.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/regression.yml b/.github/workflows/regression.yml
index f6800bce..34062cd2 100644
--- a/.github/workflows/regression.yml
+++ b/.github/workflows/regression.yml
@@ -6,6 +6,9 @@ on:
     branches:
       - main
 
+permissions:
+  contents: read
+
 jobs:
   test:
     runs-on: ubuntu-latest