From ce43f651ab65c92c61b0b8edc622cc8442eb1ca4 Mon Sep 17 00:00:00 2001
From: gitclonebrian <235774926+gitclonebrian@users.noreply.github.com>
Date: Wed, 10 Dec 2025 17:46:23 -0500
Subject: [PATCH] added permissions to token generation step to limit scope of
 token (#929)

---
 .github/workflows/version-bump.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml
index 87b01fd0..f0249473 100644
--- a/.github/workflows/version-bump.yml
+++ b/.github/workflows/version-bump.yml
@@ -47,6 +47,7 @@ jobs:
         with:
           app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
           private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
+          permission-contents: write
 
       - name: Checkout Branch
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0