From 4cbf2327c7cab35f2b47a71509e129823623628e Mon Sep 17 00:00:00 2001
From: Adnan Khan <AdnaneKhan@users.noreply.github.com>
Date: Tue, 21 Oct 2025 17:51:57 -0400
Subject: [PATCH 1/2] ci: scope down permissions for cd.yml

---
 .github/workflows/cd.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index e87853c..4671350 100755
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -7,6 +7,9 @@ on:
     tags:
       - 'v*'
 
+permissions:
+  contents: write
+
 jobs:
   delivery-nodejs:
     name: Prepare for NPM

From 17d01b800c3de1f6fb97e0aacffedb38da646eef Mon Sep 17 00:00:00 2001
From: Adnan Khan <AdnaneKhan@users.noreply.github.com>
Date: Tue, 21 Oct 2025 17:51:59 -0400
Subject: [PATCH 2/2] ci: scope down permissions for ci.yml

---
 .github/workflows/ci.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7c36fd9..5524a20 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -4,6 +4,9 @@ name: ci
 
 on: [ push, pull_request ]
 
+permissions:
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest