From 07f2cc0e33d1a5f29c38c20c88057acf1a457b69 Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Mon, 31 Oct 2022 16:55:32 +0200
Subject: [PATCH] build: harden label_merge_conflicts.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>
---
 .github/workflows/label_merge_conflicts.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/label_merge_conflicts.yml b/.github/workflows/label_merge_conflicts.yml
index a401e8db05..d71d244c2b 100644
--- a/.github/workflows/label_merge_conflicts.yml
+++ b/.github/workflows/label_merge_conflicts.yml
@@ -11,13 +11,14 @@ on:
   pull_request_target:
     types: [ synchronize ]
 
+permissions: {}
+
 jobs:
   triage:
     # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace'
     if: github.repository == 'dspace/dspace'
     runs-on: ubuntu-latest
     permissions:
-      issues: write
       pull-requests: write
     steps:
       # See: https://github.com/prince-chrismc/label-merge-conflicts-action