From c22c5a1cc9e04cc2ac92b63ad5740d0c6eea3f2b Mon Sep 17 00:00:00 2001
From: Adnan Khan <AdnaneKhan@users.noreply.github.com>
Date: Tue, 21 Oct 2025 15:22:49 -0400
Subject: [PATCH] ci: scope down permissions for upgrade-npm-packages.yml

---
 .github/workflows/upgrade-npm-packages.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/upgrade-npm-packages.yml b/.github/workflows/upgrade-npm-packages.yml
index b11c03b..bc9cb57 100644
--- a/.github/workflows/upgrade-npm-packages.yml
+++ b/.github/workflows/upgrade-npm-packages.yml
@@ -6,6 +6,10 @@ on:
   schedule:
     - cron:  "0 0 * * 0"
 
+permissions:
+  contents: write
+  pull-requests: write
+
 jobs:
   upgrade-packages:
     name: Upgrade packages