From 3eb3a70aab8515a4e3f62daff0cfdc2ace24e61e Mon Sep 17 00:00:00 2001
From: Chris Mayo <aklhfex@gmail.com>
Date: Mon, 6 Dec 2021 19:27:49 +0000
Subject: [PATCH] Limit token permissions and pin 3rd-party action in
 publish-pages

---
 .github/workflows/publish-pages.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish-pages.yml b/.github/workflows/publish-pages.yml
index 7d18fc0c..7b9aee70 100644
--- a/.github/workflows/publish-pages.yml
+++ b/.github/workflows/publish-pages.yml
@@ -8,6 +8,8 @@ jobs:
   run:
 
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
 
     steps:
       - uses: actions/checkout@v2
@@ -31,7 +33,7 @@ jobs:
             make -C doc html
 
       - name: Publish
-        uses: peaceiris/actions-gh-pages@v3
+        uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           publish_dir: ./doc/html