From 642280202a3b566e6d1ad75ded1f9c1c3115306c Mon Sep 17 00:00:00 2001
From: Lin Zhihao <59785146+LinZhihao-723@users.noreply.github.com>
Date: Sun, 1 Dec 2024 00:46:03 -0500
Subject: [PATCH] Apply suggestions from code review
Co-authored-by: kirkrodrigues <2454684+kirkrodrigues@users.noreply.github.com>
---
 .github/workflows/pr-title-checks.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/pr-title-checks.yaml b/.github/workflows/pr-title-checks.yaml
index e34a7d7..91e241b 100644
--- a/.github/workflows/pr-title-checks.yaml
+++ b/.github/workflows/pr-title-checks.yaml
@@ -2,13 +2,14 @@ name: "pr-title-checks"
 on:
 pull_request_target:
- # NOTE: The `pull_request_target` event means GITHUB_TOKEN can access secrets and is granted
- # read/write repository access by default. So we need to ensure:
+ # NOTE: Workflows triggered by this event give the workflow access to secrets and grant the
+ # `GITHUB_TOKEN` read/write repository access by default. So we need to ensure:
 # - This workflow doesn't inadvertently check out, build, or execute untrusted code from the
 # pull request triggered by this event.
 # - Each job has `permissions` set to only those necessary.
 types: ["edited", "opened", "reopened"]
 branches: ["main"]
+permissions: {}
 concurrency:
 group: "${{github.workflow}}-${{github.ref}}"
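Review bot: The added `permissions: {}` line carries no comment, and the reworded NOTE above it still describes the read/write default without saying that this line now overrides it for every job. I would add above it `# Deny all GITHUB_TOKEN scopes by default; jobs opt in to only what they need.` so the NOTE's last bullet and the setting read together. The NOTE could also say that this setting narrows only the token and not access to secrets, so the first bullet about not checking out or executing pull-request code still applies in full. The jobs are outside the hunk, so whether each one declares its own `permissions` block cannot be confirmed from here.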