What are GitHub Actions workflow permissions and the `permissions` key used for?

Question

Github — Hard

What are GitHub Actions workflow permissions and the `permissions` key used for?

Accepted Answer

GitHub Actions workflow permissions, defined by the `permissions` key, determine the minimum GITHUB_TOKEN permissions required. This setting follows the principle of least privilege, allowing for fine-grained control. The correct answer outlines the specific options for permission scopes. Incorrect options misinterpret the purpose of workflow permissions.