From 5aaabf62c8c9ff7b7120aeeab5def707e07105a4 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 18 Nov 2025 16:35:35 +0000
Subject: [PATCH] Add explicit permissions to publish job for security

Co-authored-by: whyour <22700758+whyour@users.noreply.github.com>
---
 .github/workflows/build-docker-image.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index 49755896..0fdfb5f1 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -284,6 +284,10 @@ jobs:
     needs: build
 
     runs-on: ubuntu-latest
+    
+    permissions:
+      contents: read
+    
     steps:
       - uses: actions/checkout@v4
       - uses: pnpm/action-setup@v3