From c78388a2cb6e1f1bac9f5a0541e0c4cce421dde5 Mon Sep 17 00:00:00 2001
From: Winni Neessen <winfried.neessen@cleverbridge.com>
Date: Sat, 23 Mar 2024 15:49:03 +0100
Subject: [PATCH] Add read permissions to GitHub workflow files

This commit adds read permissions for 'contents' in the GitHub workflow files sonarqube.yml and reuse.yml. This allows these specific workflows to access the relevant contents they need for execution.
---
 .github/workflows/reuse.yml     | 3 +++
 .github/workflows/sonarqube.yml | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml
index 0fc64c71..825f68c9 100644
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@@ -6,6 +6,9 @@ name: REUSE Compliance Check
 
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
   test:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
index 4b173dfd..bbffd885 100644
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@@ -3,6 +3,10 @@
 # SPDX-License-Identifier: CC0-1.0
 
 name: SonarQube
+
+permissions:
+  contents: read
+
 on:
   push:
     branches: