From bbcf258d7eb900825504fb234aa27111119a895a Mon Sep 17 00:00:00 2001
From: "Michael B. Gale" <mbg@github.com>
Date: Thu, 6 Nov 2025 17:02:41 +0000
Subject: [PATCH] Add permissions to workflow

Also update workflow a bit
---
 .github/workflows/label-issue.yml | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/label-issue.yml b/.github/workflows/label-issue.yml
index 9c2567cd..74942344 100644
--- a/.github/workflows/label-issue.yml
+++ b/.github/workflows/label-issue.yml
@@ -6,11 +6,14 @@ on:
 jobs:
   label:
     name: Label issue
-    runs-on: ubuntu-latest
-    if: github.event.action == 'opened'
+    runs-on: ubuntu-slim
+    permissions:
+      issues: write
     steps:
       - name: Label issue
+        run: gh issue edit "$NUMBER" --add-label "$LABELS"
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          echo '{"labels": ["CLI"]}' | gh api repos/${{ github.repository }}/issues/${{ github.event.issue.number }}/labels --input -
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_REPO: ${{ github.repository }}
+          NUMBER: ${{ github.event.issue.number }}
+          LABELS: CLI