From c4bb1f6ef63d721ac2d50f8ca17bff8505997d1e Mon Sep 17 00:00:00 2001
From: Daniel Chalef <131175+danielchalef@users.noreply.github.com>
Date: Mon, 30 Jun 2025 13:01:42 -0700
Subject: [PATCH] Potential fix for code scanning alert no. 18: Workflow does
 not contain permissions (#648)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/typecheck.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml
index 23c300ec..9848b959 100644
--- a/.github/workflows/typecheck.yml
+++ b/.github/workflows/typecheck.yml
@@ -1,5 +1,8 @@
 name: Pyright Type Check
 
+permissions:
+  contents: read
+
 on:
   push:
     branches: ["main"]