From a80139913ad69754b738283897e8a1e3362b1a03 Mon Sep 17 00:00:00 2001
From: Dane Powell <git@danepowell.com>
Date: Mon, 27 Sep 2021 12:55:09 -0700
Subject: [PATCH] Specify required permissions in README (#164)

---
 README.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/README.md b/README.md
index 5bc259e..2b0c7a2 100644
--- a/README.md
+++ b/README.md
@@ -208,4 +208,15 @@ The following `step.env` keys are allowed as a fallback but deprecated in favor
 
 > **⚠️ Note:** This action was previously implemented as a Docker container, limiting its use to GitHub Actions Linux virtual environments only. With recent releases, we now support cross platform usage. You'll need to remove the `docker://` prefix in these versions
 
+### Permissions
+
+This Action requires the following permissions on the GitHub integration token:
+
+```yaml
+permissions:
+  contents: write
+```
+
+[GitHub token permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) can be set for an individual job, workflow, or for Actions as a whole.
+
 Doug Tangren (softprops) 2019