From 39d9a8fa180a53c15fc629d5c9e5b16a62a18bec Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Sun, 25 Sep 2022 19:15:26 +0200
Subject: [PATCH] build: harden nightly.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>
---
 .github/workflows/nightly.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 2897d641f..b7664a12f 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -5,6 +5,9 @@ on:
 #    # 08:00 UTC = 03:00 EST
 #    - cron:  '0 8 * * *'
 
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
   deploy:
     strategy: