From e451ec7fbc6b0bb81258d76f0dc0e5127c5d2e6e Mon Sep 17 00:00:00 2001
From: Kent Gruber <kent.gruber@temporal.io>
Date: Mon, 27 Oct 2025 12:57:32 -0400
Subject: [PATCH] Set explicit permissions for GitHub Actions workflows

This change was made by an automated process to ensure all GitHub Actions workflows have explicitly defined permissions as per best practices.
---
 .github/workflows/ci.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8fc0b023a..54deeb6eb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,5 +1,7 @@
 name: "Continuous Integration"
 on: [push, pull_request]
+permissions:
+  contents: read
 
 jobs:
   validation:
@@ -47,4 +49,4 @@ jobs:
       uses: gradle/actions/setup-gradle@v3
     
     - name: Run copyright and code format checks
-      run: ./gradlew --no-daemon spotlessCheck
\ No newline at end of file
+      run: ./gradlew --no-daemon spotlessCheck