From 89011e25ae04d04133995c7f8a6ced52cd81c70d Mon Sep 17 00:00:00 2001
From: Akshay Shah
Date: Tue, 25 Jun 2024 11:01:10 -0700
Subject: [PATCH] Improve fossa action configuration

Restrict action permissions and enumerate triggers.

Signed-off-by: Akshay Shah
---
 .github/workflows/fossa.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml
index 48898a99..f5bef5b5 100644
--- a/.github/workflows/fossa.yaml
+++ b/.github/workflows/fossa.yaml
@@ -1,3 +1,9 @@
+name: fossa
+# Prevent writing to the repository using the CI token.
+# Ref: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#permissions
+permissions:
+ pull-requests: read
+on: [pull_request, push]
 jobs:
 fossa-scan:
 runs-on: ubuntu-latest
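Review bot: The added `permissions:` block lists only `pull-requests: read`, and GitHub sets every scope that is not listed to `none`, so the token also loses `contents` access, while the comment above it describes the block only as preventing writes. If the `fossa-scan` job checks out the code (its steps lie outside this hunk), that still works on a public repository but would fail on a private one, so the intent is better stated explicitly, for example `contents: read` alongside or instead of `pull-requests: read`, with a comment such as `# Scopes not listed here are set to none.`. Separately, `on: [pull_request, push]` runs the scan twice for a branch in this repository that also has an open pull request; limiting `push` to the default branch would avoid the duplicate run. Repository secrets are not passed to pull requests from forks, so a scan step that depends on an API key would presumably fail for those and may need a guard.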