From 5a74733aee0717012c28d431dc353d78964a2379 Mon Sep 17 00:00:00 2001 From: Finn Evers Date: Thu, 2 Apr 2026 10:22:34 +0200 Subject: [PATCH] ci: Add pull request write permissions for cherry-pick workflow (#52927) This was missing from the previous permissions changes. Self-Review Checklist: - [X] I've reviewed my own diff for quality, security, and reliability - [ ] Unsafe blocks (if any) have justifying comments - [ ] The content is consistent with the [UI/UX checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist) - [ ] Tests cover the new/changed behavior - [X] Performance impact has been considered and is acceptable Release Notes: - N/A --- .github/workflows/cherry_pick.yml | 1 + tooling/xtask/src/tasks/workflows/cherry_pick.rs | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/cherry_pick.yml b/.github/workflows/cherry_pick.yml index fc91aadee7b565f57cebc59affd2e94d3087696c..ed0800dc5bbf1ec59182e9d24753e9b5112c4d13 100644 --- a/.github/workflows/cherry_pick.yml +++ b/.github/workflows/cherry_pick.yml @@ -37,6 +37,7 @@ jobs: private-key: ${{ secrets.ZED_ZIPPY_APP_PRIVATE_KEY }} permission-contents: write permission-workflows: write + permission-pull-requests: write - name: cherry_pick::run_cherry_pick::cherry_pick run: ./script/cherry-pick "$BRANCH" "$COMMIT" "$CHANNEL" env: diff --git a/tooling/xtask/src/tasks/workflows/cherry_pick.rs b/tooling/xtask/src/tasks/workflows/cherry_pick.rs index ad8bc1c2c84acc9780bd5d803d893c4657335e90..46fb41094eb9fcea3cf40c4a289217f16855483b 100644 --- a/tooling/xtask/src/tasks/workflows/cherry_pick.rs +++ b/tooling/xtask/src/tasks/workflows/cherry_pick.rs @@ -49,6 +49,7 @@ fn run_cherry_pick( .with_permissions([ (TokenPermissions::Contents, Level::Write), (TokenPermissions::Workflows, Level::Write), + (TokenPermissions::PullRequests, Level::Write), ]) .into();