From 7b222ff6b4e0ac9db677fd0c801990821e2661ae Mon Sep 17 00:00:00 2001
From: Xiang Li <python3kgae@outlook.com>
Date: Mon, 27 Nov 2023 15:49:05 -0800
Subject: [PATCH] [CI] remove contents write permission from code_formatter
 job. (#6068)

Only apply_diff job needs conntents write permission.
code_formatter job only needs pull-request write permission.
---
 .github/workflows/clang-format-checker.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/clang-format-checker.yml b/.github/workflows/clang-format-checker.yml
index 30d659bba3..b9c8154031 100644
--- a/.github/workflows/clang-format-checker.yml
+++ b/.github/workflows/clang-format-checker.yml
@@ -4,14 +4,13 @@ on:
     types: [opened,synchronize]
   issue_comment:
     types: edited
-permissions:
-  pull-requests: write
-  contents: write
 
 jobs:
   code_formatter:
     if: github.event_name == 'pull_request_target'
     runs-on: ubuntu-latest
+  permissions:
+    pull-requests: write
     steps:
       - name: Fetch LLVM sources
         uses: actions/checkout@v4
@@ -65,6 +64,9 @@ jobs:
     runs-on: ubuntu-latest
     env:
       TMP_DIFF_FILE: /tmp/diff.patch
+    permissions:
+      pull-requests: write
+      contents: write
     steps:
       - uses: actions/github-script@v3
         id: get-pr