From f0b35f0a731335dde1eadd3dc0c9eefb4c45054f Mon Sep 17 00:00:00 2001
From: Stefan Zweifel <stefan@stefanzweifel.dev>
Date: Sat, 11 Feb 2023 21:29:07 +0100
Subject: [PATCH] Mention new permission requirements in usage docs

Starting February 2nd 2023, GitHub changed the default permissions of the GITHUB_TOKEN to be read-only in all new repositories.[1]

git-auto-commits needs `write`-permissions for the `contents`-key in order to work properly.
This commits updates the usage section, to mention the need for the permission requirements. The examples have also been updated to reflect that change.

[1]: https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/
---
 README.md | 40 ++++++++++++++++++++++++++++++++++++----
 1 file changed, 36 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 451c9b6..28bab23 100644
--- a/README.md
+++ b/README.md
@@ -13,14 +13,42 @@ If you want to learn more how this Action works under the hood, check out [this
 
 ## Usage
 
-Add the following step at the end of your job, after other steps that might add or change files.
+Adding git-auto-commit to your Workflow only takes a couple lines of code.
+
+1. Set the `contents`-permission of the default GITHUB_TOKEN to `true`. (Required to push new commits to the repository)
+2. Add the following step at the end of your job, after other steps that might add or change files.
 
 ```yaml
 - uses: stefanzweifel/git-auto-commit-action@v4
 ```
 
-Note that the Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`).
-If you don't use the default permission of the GITHUB_TOKEN, give the Job or Workflow at least the `contents: write` permission.
+Your Workflow should look similar to this example.
+
+```yaml
+name: Format
+
+on: push
+
+jobs:
+  format-code:
+    runs-on: ubuntu-latest
+
+    permissions:
+      # Give the default GITHUB_TOKEN write permission to commit and push the
+      # updated CHANGELOG back to the repository.
+      contents: write
+
+    steps:
+      - uses: actions/checkout@v3
+
+      # Other steps that change files in the repository
+
+      # Commit all changed files back to the repository
+      - uses: stefanzweifel/git-auto-commit-action@v4
+```
+
+> **Note**  
+> The Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`).
 
 The following is an extended example with all available options.
 
@@ -111,8 +139,12 @@ jobs:
   php-cs-fixer:
     runs-on: ubuntu-latest
 
+    permissions:
+      # Give the default GITHUB_TOKEN write permission to commit and push the changed files back to the repository.
+      contents: write
+
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
       with:
         ref: ${{ github.head_ref }}