From 9a2428e709b6783e6a320d729dd30ca91b50b677 Mon Sep 17 00:00:00 2001
From: Victor Martinez <VictorMartinezRubio@gmail.com>
Date: Fri, 23 Jan 2026 14:36:20 +0100
Subject: [PATCH] github-action: add artifact-metadata permission for
 attestations

---
 .github/workflows/release-step-3.yml | 1 +
 .github/workflows/snapshot.yml       | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.github/workflows/release-step-3.yml b/.github/workflows/release-step-3.yml
index 07a97fe..d7df203 100644
--- a/.github/workflows/release-step-3.yml
+++ b/.github/workflows/release-step-3.yml
@@ -67,6 +67,7 @@ jobs:
     needs:
       - validate-tag
     permissions:
+      artifact-metadata: write
       attestations: write
       contents: write
       id-token: write
diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index 0bd5f1d..f7e430b 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -38,6 +38,7 @@ jobs:
     needs: validate
     if: ${{ contains(needs.validate.outputs.is-snapshot, 'true') }}
     permissions:
+      artifact-metadata: write
       attestations: write
       contents: write
       id-token: write