From 4d960c3c8ce4a222a9486ad9c8f5209a5d5f03e3 Mon Sep 17 00:00:00 2001
From: WC3D <57880529+WC3D@users.noreply.github.com>
Date: Wed, 16 Jul 2025 20:54:53 -0400
Subject: [PATCH] Potential fix for code scanning alert no. 29: Workflow does
 not contain permissions (#12326)

If a GitHub Actions job or workflow has no explicit permissions set, then the repository permissions are used. Repositories created under an organization inherit the organization's permissions. Organizations or repositories created before February 2023 have default permissions set to read-write. Often, these permissions do not adhere to the principle of least privilege and can be reduced to read-only, leaving write permission only for specific types, such as issues (write) or pull requests (write).

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/flutter-build.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/flutter-build.yml b/.github/workflows/flutter-build.yml
index 36bbe7902..c028844f6 100644
--- a/.github/workflows/flutter-build.yml
+++ b/.github/workflows/flutter-build.yml
@@ -2084,6 +2084,8 @@ jobs:
     if: False
     name: build-rustdesk-web
     runs-on: ubuntu-22.04
+    permissions:
+      contents: read
     strategy:
       fail-fast: false
     env: