From 10e223681fbc1988af90ce427cf09c1111117373 Mon Sep 17 00:00:00 2001
From: Dilum Aluthge <dilum@aluthge.com>
Date: Sat, 7 Aug 2021 23:09:58 -0400
Subject: [PATCH] CI (Buildbot, GHA): add a note about token permissions

---
 .github/workflows/statuses.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/statuses.yml b/.github/workflows/statuses.yml
index 0fcb8b37586e4..df86caa3acee3 100644
--- a/.github/workflows/statuses.yml
+++ b/.github/workflows/statuses.yml
@@ -10,6 +10,7 @@
 # Here are some steps that we take in this workflow file for security reasons:
 # 1. We do not checkout any code.
 # 2. We do not run any external actions.
+# 3. We only give `GITHUB_TOKEN` the minimum necessary set of permissions.
 
 name: Statuses