From 5a02298ad5a947214ba02655b0a93ac01d4c178a Mon Sep 17 00:00:00 2001
From: Ivan Valdes <ivan@vald.es>
Date: Thu, 25 Jul 2024 15:31:07 -0700
Subject: [PATCH] github/workflows: set read-only default permissions to
 approve workflow

Signed-off-by: Ivan Valdes <ivan@vald.es>
---
 .github/workflows/gh-workflow-approve.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/gh-workflow-approve.yaml b/.github/workflows/gh-workflow-approve.yaml
index a13727a0af7..1f988637677 100644
--- a/.github/workflows/gh-workflow-approve.yaml
+++ b/.github/workflows/gh-workflow-approve.yaml
@@ -1,5 +1,6 @@
 ---
 name: Approve GitHub Workflows
+permissions: read-all
 
 on:
   pull_request_target: