From 2468bd0582171f5f0819b2468157995b3edcb9c8 Mon Sep 17 00:00:00 2001
From: Phill MV <phillmv@github.com>
Date: Thu, 11 Apr 2024 15:55:04 -0400
Subject: [PATCH] Update README.md to use `attestations` permission

---
 README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index f9ad5c8..d44d27f 100644
--- a/README.md
+++ b/README.md
@@ -29,11 +29,11 @@ attest:
    ```yaml
    permissions:
      id-token: write
-     contents: write # TODO: Update this
+     attestations: write
    ```
 
    The `id-token` permission gives the action the ability to mint the OIDC token
-   permission is necessary to persist the attestation. The `contents` permission
+   permission is necessary to persist the attestation. The `attestations` permission
    is necessary to persist the attestation.
 
 1. Add the following to your workflow after your artifact has been built:
@@ -112,7 +112,7 @@ jobs:
   build:
     permissions:
       id-token: write
-      contents: write
+      attestations: write
 
     steps:
       - name: Checkout
@@ -166,7 +166,7 @@ jobs:
     permissions:
       id-token: write
       packages: write
-      contents: write
+      attestations: write
     env:
       REGISTRY: ghcr.io
       IMAGE_NAME: ${{ github.repository }}