From 6deb2b55b616ae982a8ddfbeafe43e56035ae95b Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu, 30 Nov 2023 14:23:21 -0500
Subject: [PATCH] Add top-level permissions to pypi (#9945)

which are then overridden by the one job. the various bots like this better
---
 .github/workflows/pypi-publish.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/pypi-publish.yml b/.github/workflows/pypi-publish.yml
index 666b56940bee..7d762a53d5a6 100644
--- a/.github/workflows/pypi-publish.yml
+++ b/.github/workflows/pypi-publish.yml
@@ -18,6 +18,9 @@ on:
 env:
   PUBLISH_REQUIREMENTS_PATH: .github/requirements/publish-requirements.txt
 
+permissions:
+  contents: read
+
 jobs:
   publish:
     runs-on: ubuntu-latest