From e3501175ebff7fba50a8cb3b536a4062fd3dd352 Mon Sep 17 00:00:00 2001
From: Federico Stagni <federico.stagni@cern.ch>
Date: Mon, 27 Oct 2025 11:00:19 +0100
Subject: [PATCH] fix: added permissions to token

---
 .github/workflows/deployment.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
index beea9ef2..5166fa60 100644
--- a/.github/workflows/deployment.yml
+++ b/.github/workflows/deployment.yml
@@ -17,6 +17,10 @@ jobs:
     name: PyPI deployment
     runs-on: "ubuntu-latest"
     if: github.event_name != 'push' || github.repository == 'DIRACGrid/WebAppDIRAC'
+    permissions:
+      id-token: write
+      attestations: write
+      contents: write
     defaults:
       run:
         shell: bash -l {0}
@@ -41,7 +45,6 @@ jobs:
               readme_renderer \
               requests \
               setuptools_scm \
-              six
       - name: Validate README for PyPI
         run: |
           python -m readme_renderer README.rst -o /tmp/README.html