From 465bbd27463bdf5b22a430f94746d4759c92929e Mon Sep 17 00:00:00 2001
From: Luis Antonio <getcyonic+zaorinu@gmail.com>
Date: Sun, 27 Jul 2025 09:56:06 -0300
Subject: [PATCH 1/4] Potential fix for code scanning alert no. 4: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/validate_post.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/validate_post.yml b/.github/workflows/validate_post.yml
index d89cd7b..02a4d5d 100644
--- a/.github/workflows/validate_post.yml
+++ b/.github/workflows/validate_post.yml
@@ -1,4 +1,6 @@
 name: Validate Jekyll Posts
+permissions:
+  contents: read
 
 on:
   pull_request:

From 9202423c5d4d7a9cf91d72d4a0e958d5b1d86ed2 Mon Sep 17 00:00:00 2001
From: Luis Antonio <getcyonic+zaorinu@gmail.com>
Date: Sun, 27 Jul 2025 09:56:56 -0300
Subject: [PATCH 2/4] Potential fix for code scanning alert no. 3: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/clear_old_posts.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/clear_old_posts.yml b/.github/workflows/clear_old_posts.yml
index 797de7d..4c04c98 100644
--- a/.github/workflows/clear_old_posts.yml
+++ b/.github/workflows/clear_old_posts.yml
@@ -1,5 +1,8 @@
 name: Prune Posts and Archive
 
+permissions:
+  contents: write
+
 on:
   push:
     branches:

From 09e015eedd062baa812db0dcb007a7e8462c809b Mon Sep 17 00:00:00 2001
From: Luis Antonio <getcyonic+zaorinu@gmail.com>
Date: Sun, 27 Jul 2025 10:00:09 -0300
Subject: [PATCH 3/4] Potential fix for code scanning alert no. 2: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/trigger_main_site.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/trigger_main_site.yml b/.github/workflows/trigger_main_site.yml
index 01a7b8d..cb7194e 100644
--- a/.github/workflows/trigger_main_site.yml
+++ b/.github/workflows/trigger_main_site.yml
@@ -5,6 +5,9 @@ on:
     paths:
       - 'posts/**'
 
+permissions:
+  contents: read
+
 jobs:
   dispatch:
     runs-on: ubuntu-latest

From 2f199226c7d8a5d8b19acf69335c7a80b00d8c18 Mon Sep 17 00:00:00 2001
From: Luis Antonio <getcyonic+zaorinu@gmail.com>
Date: Sun, 27 Jul 2025 10:11:30 -0300
Subject: [PATCH 4/4] Potential fix for code scanning alert no. 1: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/request_landing.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/request_landing.yml b/.github/workflows/request_landing.yml
index ca3cec5..df8f976 100644
--- a/.github/workflows/request_landing.yml
+++ b/.github/workflows/request_landing.yml
@@ -6,6 +6,9 @@ on:
 
 jobs:
   comment:
+    permissions:
+      contents: read
+      pull-requests: write
     runs-on: ubuntu-latest
 
     steps: