From 66086691969d5011a7f6f255f66d41981e6f9092 Mon Sep 17 00:00:00 2001
From: GraTech Admin <admin@gratech.sa>
Date: Wed, 10 Dec 2025 17:51:25 +0000
Subject: [PATCH] fix(security): add explicit permissions to ci.yml - fixes 3
 CodeQL alerts

---
 .github/workflows/ci.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 959ef4b..aaa957a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,5 +1,11 @@
 name: CI/CD Pipeline
 
+
+permissions:
+  contents: read
+  pull-requests: read
+  checks: write
+
 on:
   push:
     branches: [ main, develop ]