From b7f1f3a6c00daf2d07e7b191f870ca6c3baab6f6 Mon Sep 17 00:00:00 2001
From: Illia <doku_isv@icloud.com>
Date: Sun, 18 Feb 2024 15:50:14 +0100
Subject: [PATCH] ci: update permissions

---
 .github/workflows/main.yml | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index a93ef07..d4ef1e6 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -9,7 +9,12 @@ on:
     branches: [ main ]
 
 permissions:
+  pull-requests: write
+  issues: write
+  repository-projects: write
   packages: write
+  id-token: write
+  contents: write
 
 jobs:
   lint:
@@ -27,7 +32,7 @@ jobs:
         env:
           VALIDATE_ALL_CODEBASE: false
           DEFAULT_BRANCH: master
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.PERSO_GITHUB }}
           VALIDATE_JSCPD: false
           VALIDATE_TYPESCRIPT_STANDARD: false
           VALIDATE_MARKDOWN: false
@@ -95,9 +100,6 @@ jobs:
     needs: 
       - lint
       - test
-    env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v4
@@ -105,3 +107,6 @@ jobs:
           node-version: '20.11.1'
       - name: Run Semantic-Release
         run: npx semantic-release --debug
+        env:
+          GITHUB_TOKEN: ${{ secrets.PERSO_GITHUB }}
+          NPM_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}