From 481994078fbf61317fe35456e9a1b8a960e7dfa0 Mon Sep 17 00:00:00 2001
From: Brett Cannon <brett@python.org>
Date: Fri, 23 Apr 2021 15:18:50 -0700
Subject: Restrict GITHUB_TOKEN permissions for the 'stale' workflow (GH-25564)

It should only need write-level permissions to pull requests.
---
 .github/workflows/stale.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 58c9a4f..26806fa 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -4,6 +4,9 @@ on:
   schedule:
   - cron: "0 0 * * *"
 
+permissions:
+  pull-requests: write
+
 jobs:
   stale:
 
-- 
cgit v0.12