From a1e89aa8d552d8ae207260e9e9035407e5e3e516 Mon Sep 17 00:00:00 2001
From: Predrag Gruevski <2348618+obi1kenobi@users.noreply.github.com>
Date: Tue, 22 Aug 2023 11:38:18 -0400
Subject: [PATCH] Explicitly add the `contents: write` permission for
 publishing releases. (#9617)

---
 .github/workflows/_release.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml
index d24bf983a1f..5ddf79ca7c2 100644
--- a/.github/workflows/_release.yml
+++ b/.github/workflows/_release.yml
@@ -23,6 +23,9 @@ jobs:
       # Trusted publishing has to also be configured on PyPI for each package:
       # https://docs.pypi.org/trusted-publishers/adding-a-publisher/
       id-token: write
+
+      # This permission is needed by `ncipollo/release-action` to create the GitHub release.
+      contents: write
     defaults:
       run:
         working-directory: ${{ inputs.working-directory }}