From 5dd9bfb484de5ed9884cf58b84dd8a26550a3f0a Mon Sep 17 00:00:00 2001
From: Benjamin Michaelis <git@relay.benjamin.michaelis.net>
Date: Sat, 16 May 2026 22:09:48 -0700
Subject: [PATCH] Potential fix for code scanning alert no. 3: Workflow does
 not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/build-and-test.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
index 397afc2..38490ac 100644
--- a/.github/workflows/build-and-test.yml
+++ b/.github/workflows/build-and-test.yml
@@ -33,6 +33,8 @@ jobs:
             use-github-auto-merge: true
   build-and-test:
     runs-on: ${{ matrix.os }}
+    permissions:
+      contents: read
     
     strategy:
       matrix: