From 361700c0c736b4c0a0e4968e845fcd9c204d3b53 Mon Sep 17 00:00:00 2001
From: d-kimsuon <dev.kimuson@gmail.com>
Date: Sat, 18 Oct 2025 14:04:15 +0900
Subject: [PATCH] chore: adjust permission

---
 .github/workflows/pinact.yml | 18 +++++++-----------
 .gitignore                   |  3 +++
 2 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/pinact.yml b/.github/workflows/pinact.yml
index 399d467..ad5fcdc 100644
--- a/.github/workflows/pinact.yml
+++ b/.github/workflows/pinact.yml
@@ -8,28 +8,24 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+permissions:
+  contents: write
+  pull-requests: write
+
 jobs:
   pinact:
     name: pinact
     runs-on: ubuntu-latest
     timeout-minutes: 3
 
-    permissions:
-      id-token: write
-      contents: write
-
     steps:
       - name: Checkout
         uses: actions/checkout@v5.0.0
         with:
-          fetch-depth: 0
           persist-credentials: false
 
-      - name: Set up Git
-        uses: ./.github/actions/setup-git
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          origin: ${{ github.head_ref }}
-
       - name: Pin actions
         uses: suzuki-shunsuke/pinact-action@d735505f3decf76fca3fdbb4c952e5b3eba0ffdd # v0.1.2
+        with:
+          app_id: ${{ vars.BOT_APP_ID }}
+          app_private_key: ${{ secrets.BOT_APP_PRIVATE_KEY }}
diff --git a/.gitignore b/.gitignore
index b07348e..4182e47 100644
--- a/.gitignore
+++ b/.gitignore
@@ -46,3 +46,6 @@ dist/*
 
 # playwright
 .user-data/
+
+# claude code
+.claude/settings.local.json