From 8308c55fedfc8b0b6b357c830c7600db65bd7357 Mon Sep 17 00:00:00 2001 From: Loris Leiva Date: Wed, 17 Jun 2026 09:58:47 +0100 Subject: [PATCH] Set explicit permissions on publish workflows --- .github/workflows/publish-js.yml | 3 +++ .github/workflows/publish-rust.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/publish-js.yml b/.github/workflows/publish-js.yml index de3ac7b..89456f7 100644 --- a/.github/workflows/publish-js.yml +++ b/.github/workflows/publish-js.yml @@ -59,6 +59,9 @@ jobs: main: needs: set_env uses: solana-program/actions/.github/workflows/publish-js.yml@main + permissions: + contents: write + id-token: write with: solana-cli-version: ${{ needs.set_env.outputs.SOLANA_CLI_VERSION }} target: ${{ needs.set_env.outputs.TARGET }} diff --git a/.github/workflows/publish-rust.yml b/.github/workflows/publish-rust.yml index 305b11f..b36011a 100644 --- a/.github/workflows/publish-rust.yml +++ b/.github/workflows/publish-rust.yml @@ -66,6 +66,9 @@ jobs: main: needs: set_env uses: solana-program/actions/.github/workflows/publish-rust.yml@main + permissions: + contents: write + id-token: write with: solana-cli-version: ${{ needs.set_env.outputs.SOLANA_CLI_VERSION }} clippy-toolchain: ${{ needs.set_env.outputs.RUST_TOOLCHAIN_NIGHTLY }}