From 49e7e5a4368db60ed64b52ebfbf4b2f5f323d850 Mon Sep 17 00:00:00 2001
From: Falk Scheerschmidt <falk@staffbase.com>
Date: Tue, 7 Apr 2026 14:28:01 +0200
Subject: [PATCH] fix: add pull-requests: read permission to release workflow

The reusable release drafter workflow requests pull-requests: read
internally to read PR data for generating release notes. Without this
permission in the caller, the nested job is denied access.

Co-Authored-By: OpenCode <noreply@opencode.ai>
---
 .github/workflows/release.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3ec78ba..3ec2f8d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,6 +7,7 @@ on:
 
 permissions:
   contents: write
+  pull-requests: read
 
 jobs:
   update_release_draft: