From dac181a3233aaf7eaa4b28e676b59bd104794019 Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Sun, 25 Sep 2022 22:17:34 +0200
Subject: [PATCH] build: harden stale.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>
---
 .github/workflows/stale.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 57666417a..1df1c7044 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -4,8 +4,13 @@ on:
   schedule:
     - cron: '0 4 * * *'
 
+permissions: {}
 jobs:
   stale:
+    permissions:
+      issues: write # to close stale issues (actions/stale)
+      pull-requests: write # to close stale PRs (actions/stale)
+
     runs-on: ubuntu-latest
     steps:
       - uses: actions/stale@v5