From f4c1e0253f67a8a03bff5aff43cca18be85aabb5 Mon Sep 17 00:00:00 2001
From: Xavier Alvarez <xalvarez@users.noreply.github.com>
Date: Tue, 2 Jan 2024 10:09:20 +0100
Subject: [PATCH] Document GitHub API permissions

---
 .github/workflows/test.yml |  3 +++
 README.md                  | 10 ++++++++++
 2 files changed, 13 insertions(+)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 2c202f71..78d88366 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -4,6 +4,9 @@ on:
     branches:
       - main
 
+permissions:
+  pull-requests: read
+
 jobs:
   build:
     runs-on: ubuntu-latest
diff --git a/README.md b/README.md
index df2464f4..6d95bbaa 100644
--- a/README.md
+++ b/README.md
@@ -23,6 +23,16 @@ In the example above, files with `.example` extension won't be allowed to be cha
 
 **Note**: This Action supports pull request events only.
 
+## GITHUB_TOKEN permissions
+
+The required GITHUB_TOKEN permissions are: `pull-requests: read`. Therefore, you may configure your workflow or job's
+permissions as follows:
+
+```
+permissions:
+  pull-requests: read
+```
+
 ## Development
 
 To work on this Action you first need to install npm dependencies: