From 3b1457d70da73a216ba7e54725a0c8a1021b1cea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr?= <machv@users.noreply.github.com>
Date: Tue, 6 Feb 2024 16:15:32 +0100
Subject: [PATCH 1/3] Use explicit write permission to create a release

---
 .github/workflows/create-release.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
index 63432c70..8158c15f 100644
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -52,6 +52,9 @@ jobs:
     name: Create release
     if: "!contains(github.event.head_commit.message, '[no release]')"
     runs-on: self-hosted
+    permissions:
+      # needed to create a release
+      contents: write 
     needs: new-version
     steps:
       - uses: actions/checkout@v3

From e2b1b83f4b91f59e51be2a3694a73a327cfefbba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr?= <machv@users.noreply.github.com>
Date: Tue, 6 Feb 2024 16:16:58 +0100
Subject: [PATCH 2/3] Update create-release.yml

---
 .github/workflows/create-release.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
index 8158c15f..ce330a8d 100644
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -17,6 +17,9 @@ jobs:
     name: Bump version
     if: "!contains(github.event.head_commit.message, '[no release]')"
     runs-on: windows-2019
+    permissions:
+      # needed to create a release
+      contents: write 
     outputs:
       previous_tag: ${{ steps.bump.outputs.previous_tag }}
       new_tag: ${{ steps.bump.outputs.new_tag }}

From f52a139fd8f75d381ae77add77b836a973c42ca9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr?= <machv@users.noreply.github.com>
Date: Tue, 6 Feb 2024 16:17:47 +0100
Subject: [PATCH 3/3] Update create-prerelase.yml

---
 .github/workflows/create-prerelase.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/create-prerelase.yml b/.github/workflows/create-prerelase.yml
index ce37d26c..c5a43fbc 100644
--- a/.github/workflows/create-prerelase.yml
+++ b/.github/workflows/create-prerelase.yml
@@ -16,6 +16,9 @@ jobs:
     name: Create prerelease
     if: "!contains(github.event.head_commit.message, '[no release]')"
     runs-on: windows-2019
+    permissions:
+      # needed to create a release
+      contents: write
     steps:
       - uses: actions/checkout@v3
         with: