From 3f97ddb261609ce760ed877965f25968cf152eda Mon Sep 17 00:00:00 2001
From: ismail simsek
Date: Wed, 30 Apr 2025 18:10:32 +0200
Subject: [PATCH 1/3] chore: update workflow permissions
---
 .github/workflows/publish.yaml | 4 +++-
 .github/workflows/push.yaml | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index 8de4d60..765ebcf 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -1,6 +1,8 @@
 name: Plugins - CD
 run-name: Deploy ${{ inputs.branch }} to ${{ inputs.environment }} by @${{ github.actor }}
-permissions: {}
+permissions:
+ contents: read
+ id-token: read
 on:
 workflow_dispatch:
diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml
index a432517..11c5339 100644
--- a/.github/workflows/push.yaml
+++ b/.github/workflows/push.yaml
@@ -1,5 +1,7 @@
 name: Plugins - CI
-permissions: {}
+permissions:
+ contents: read
+ id-token: write
 on:
 push:
From 800b1a9716511eca7b07924df97614aa6c3a5a85 Mon Sep 17 00:00:00 2001
From: ismail simsek
Date: Wed, 30 Apr 2025 18:19:32 +0200
Subject: [PATCH 2/3] chore: update workflow permissions
---
 .github/workflows/publish.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index 765ebcf..c9accf9 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -2,7 +2,7 @@ name: Plugins - CD
 run-name: Deploy ${{ inputs.branch }} to ${{ inputs.environment }} by @${{ github.actor }}
 permissions:
 contents: read
- id-token: read
+ id-token: write
 on:
 workflow_dispatch:
From f0ff57d01a9318da987dfdf956c47c4c2759d5c8 Mon Sep 17 00:00:00 2001
From: ismail simsek
Date: Wed, 30 Apr 2025 19:25:47 +0200
Subject: [PATCH 3/3] more permissions for publish
---
 .github/workflows/publish.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
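Review bot: In the push.yaml hunk of PATCH 1/3, `id-token: write` is granted at workflow level, so every job of the CI workflow that runs on each push can request an OIDC token. The jobs lie outside the hunk, so which of them actually needs the token cannot be seen here; if only one does, keep the top level at `contents: read` and declare `id-token: write` (together with `contents: read`) in a `permissions:` block on that job. The same applies to the workflow-level `id-token: write` that publish.yaml ends up with in PATCH 2/3 and 3/3. Whatever relies on these tokens should restrict the accepted subject claim to this repository and the expected ref, since the token alone no longer identifies a single job.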
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index c9accf9..98c16ba 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -1,7 +1,8 @@
 name: Plugins - CD
 run-name: Deploy ${{ inputs.branch }} to ${{ inputs.environment }} by @${{ github.actor }}
 permissions:
- contents: read
+ attestations: write
+ contents: write
 id-token: write
 on:
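Review bot: `contents: write` is raised from `read` for the whole workflow, and neither the hunk nor the commit message ("more permissions for publish") says which step needs it. `attestations: write` together with `id-token: write` is what an attestation step typically requires, while write access to repository contents is only needed by a job that pushes commits or tags or creates a release; none of that is visible here. If one job does so, grant the scope on that job and leave the workflow default at `contents: read`; otherwise record the reason on the line, e.g. `contents: write # required by <step> to <action>`. Because the workflow is dispatched with a caller-supplied `inputs.branch`, it is also worth confirming (the jobs are outside the hunk) that the target environment has protection rules, so that these scopes are not available to a run from an arbitrary branch.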