From 9ef6dd432617c92d0272cb40d402f595128fc72d Mon Sep 17 00:00:00 2001
From: tsteven4 <13596209+tsteven4@users.noreply.github.com>
Date: Mon, 23 Dec 2024 19:07:38 -0700
Subject: [PATCH] fix code scanning detected "Workflow does not contain
 permissions" (#1396)

* fix code scanning "Workflow does not contain permissions"

* restrict workflow permissions

* lockdown permissions
---
 .github/workflows/codacy-analysis.yaml | 1 +
 .github/workflows/fedora.yml           | 1 +
 .github/workflows/gendocs.yml          | 1 +
 .github/workflows/ubuntu.yml           | 1 +
 4 files changed, 4 insertions(+)

diff --git a/.github/workflows/codacy-analysis.yaml b/.github/workflows/codacy-analysis.yaml
index 1a33418ba..e36eb7efd 100644
--- a/.github/workflows/codacy-analysis.yaml
+++ b/.github/workflows/codacy-analysis.yaml
@@ -1,4 +1,5 @@
 name: Codacy clang-tidy
+permissions: {}
 
 on:
   push:
diff --git a/.github/workflows/fedora.yml b/.github/workflows/fedora.yml
index ca26eda9c..b97886d68 100644
--- a/.github/workflows/fedora.yml
+++ b/.github/workflows/fedora.yml
@@ -1,4 +1,5 @@
 name: "fedora"
+permissions: {}
 
 on:
   schedule:
diff --git a/.github/workflows/gendocs.yml b/.github/workflows/gendocs.yml
index a6b64fb8a..d800b4dd9 100644
--- a/.github/workflows/gendocs.yml
+++ b/.github/workflows/gendocs.yml
@@ -1,4 +1,5 @@
 name: "gendocs"
+permissions: {}
 
 on:
   push:
diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml
index f8e3e1f42..6fbf4043c 100644
--- a/.github/workflows/ubuntu.yml
+++ b/.github/workflows/ubuntu.yml
@@ -1,4 +1,5 @@
 name: "ubuntu"
+permissions: {}
 
 on:
   push: