From 4c85cee0eed18798be72dde31f87abec39aa0dca Mon Sep 17 00:00:00 2001
From: Sam Ford <1584702+samford@users.noreply.github.com>
Date: Sun, 15 Dec 2024 13:12:17 -0500
Subject: [PATCH] workflows/triage: fix excessive-permissions zizmor error

This addresses the `excessive-permissions` error from `zizmor` by
moving the workflow permissions to the jobs where they're needed.
---
 .github/workflows/triage.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/triage.yml b/.github/workflows/triage.yml
index 5e2ffb574c7e..aec39372c63b 100644
--- a/.github/workflows/triage.yml
+++ b/.github/workflows/triage.yml
@@ -6,10 +6,6 @@ concurrency:
   group: "triage-${{ github.event.number }}"
   cancel-in-progress: true
 
-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
   limit-pull-requests:
     if: >
@@ -17,6 +13,9 @@ jobs:
       (github.event_name == 'pull_request_target' &&
        github.event.action == 'opened')
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
     steps:
       - uses: Homebrew/actions/limit-pull-requests@master
         with:
@@ -31,6 +30,9 @@ jobs:
 
   triage:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
     steps:
       - name: Check commit format
         uses: Homebrew/actions/check-commit-format@master