From 8b4fea29473bf46b5e36685e6f3b6aaf8319571c Mon Sep 17 00:00:00 2001
From: Luc Georges <luc.sydney.georges@gmail.com>
Date: Mon, 10 Jun 2024 11:27:49 +0200
Subject: [PATCH 1/2] fix(ci): remove unnecessary permissions

---
 .github/workflows/trufflehog.yml | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
index ba6fdda9b65..9cbbf680372 100644
--- a/.github/workflows/trufflehog.yml
+++ b/.github/workflows/trufflehog.yml
@@ -3,12 +3,6 @@ on:
 
 name: Secret Leaks
 
-permissions:
-  contents: read
-  id-token: write
-  issues: write
-  pull-requests: write
-
 jobs:
   trufflehog:
     runs-on: ubuntu-latest

From d4a5e702c0f7f9cb6e80c3d0e1872b80b0e3be68 Mon Sep 17 00:00:00 2001
From: Luc Georges <luc.sydney.georges@gmail.com>
Date: Tue, 11 Jun 2024 10:24:32 +0200
Subject: [PATCH 2/2] fix(ci): set correct permissions

---
 .github/workflows/trufflehog.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
index 9cbbf680372..b406d43b8f0 100644
--- a/.github/workflows/trufflehog.yml
+++ b/.github/workflows/trufflehog.yml
@@ -3,6 +3,9 @@ on:
 
 name: Secret Leaks
 
+permissions:
+  contents: read
+
 jobs:
   trufflehog:
     runs-on: ubuntu-latest