From c763b521bef39922ec554e868979cd2d2b8eb831 Mon Sep 17 00:00:00 2001
From: Michal Dorner <dorner.michal@gmail.com>
Date: Wed, 12 Oct 2022 22:11:12 +0200
Subject: [PATCH 1/3] Document need for pull-requests: read permission

---
 README.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/README.md b/README.md
index 0b22258f..58930547 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ don't allow this because they don't work on a level of individual jobs or steps.
     or **[pull_request_target](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target)** event
   - Changes are detected against the pull request base branch
   - Uses GitHub REST API to fetch a list of modified files
+  - Requires [pull-requests: read](https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs) permission
 - **Feature branches:**
   - Workflow triggered by **[push](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#push)**
   or any other **[event](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows)**
@@ -209,6 +210,9 @@ jobs:
   # JOB to run change detection
   changes:
     runs-on: ubuntu-latest
+    # Required permissions
+    permissions:
+      pull-requests: read
     # Set job outputs to values from filter step
     outputs:
       backend: ${{ steps.filter.outputs.backend }}
@@ -253,6 +257,9 @@ jobs:
   # JOB to run change detection
   changes:
     runs-on: ubuntu-latest
+    # Required permissions
+    permissions:
+      pull-requests: read
     outputs:
       # Expose matched filters as job 'packages' output variable
       packages: ${{ steps.filter.outputs.changes }}
@@ -295,6 +302,9 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    # Required permissions
+    permissions:
+      pull-requests: read
     steps:
     - uses: actions/checkout@v3
     - uses: dorny/paths-filter@v2

From ffe0943825aacc70f8339da147e57bd1facb7f13 Mon Sep 17 00:00:00 2001
From: Michal Dorner <dorner.michal@gmail.com>
Date: Wed, 12 Oct 2022 22:13:26 +0200
Subject: [PATCH 2/3] Modify ts file to trigger CI

---
 src/main.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/main.ts b/src/main.ts
index 457765f6..5836178f 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -268,3 +268,4 @@ function isExportFormat(value: string): value is ExportFormat {
 }
 
 run()
+// trigger CI

From e12ca0e5841742f7c635d972126faa8c08bf01d0 Mon Sep 17 00:00:00 2001
From: Michal Dorner <dorner.michal@gmail.com>
Date: Wed, 12 Oct 2022 22:13:26 +0200
Subject: [PATCH 3/3] Revert "Modify ts file to trigger CI"

This reverts commit ffe0943825aacc70f8339da147e57bd1facb7f13.
---
 src/main.ts | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/main.ts b/src/main.ts
index 5836178f..457765f6 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -268,4 +268,3 @@ function isExportFormat(value: string): value is ExportFormat {
 }
 
 run()
-// trigger CI