From 8419eabf7a9a60a07d6303634f14f6dd9824047f Mon Sep 17 00:00:00 2001
From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com>
Date: Mon, 3 Nov 2025 12:54:21 -0700
Subject: [PATCH 1/2] Potential fix for code scanning alert no. 3: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/nodejs.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
index cd4d09a..d91f4a5 100644
--- a/.github/workflows/nodejs.yml
+++ b/.github/workflows/nodejs.yml
@@ -1,4 +1,6 @@
 name: Node CI
+permissions:
+  contents: read
 
 on: push
 jobs:

From 2139efb1a164c3fc90b1e8b4bc35c866d7fa7268 Mon Sep 17 00:00:00 2001
From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com>
Date: Mon, 3 Nov 2025 12:54:21 -0700
Subject: [PATCH 2/2] Potential fix for code scanning alert no. 2: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/publish.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index c1b229d..06a97b2 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,4 +1,6 @@
 name: Publish
+permissions:
+  contents: read
 
 on:
   release: