Should we be specifying the required permissions in the workflow instead?

This seems sort of new / I don't remember having to do this previously.

https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token

edit: pretty sure this won't help

Is it possible that this was only required because it was being tested in a fork? I suppose either way, adding this message is harmless.

Is it possible that this was only required because it was being tested in a fork?

I think it's likely that it is because it's a fork but I created it using the big green "Use this template" button on GitHub so it's pretty likely that others would run into it too.

This seems sort of new / I don't remember having to do this previously.

It could also be a recent thing, though this is my first time using it as a template. When I used this for the bevy jam 2, I added it to an existing project and I didn't run into it then.

Should we be specifying the required permissions in the workflow instead?

If that's possible that would be ideal! Didn't know that might be a thing when I wrote this PR.

It could also be a recent thing, though this is my first time using it as a template.

Good point. Actually, I haven't tested this as a template before, but I can confirm that I see the same thing when using the "Use this template" button.

It seems like this might be an old issue with actions-rs/clippy-check though.

actions-rs/clippy-check#2

Which apparently needs some sort of write perms to annotate commits.

Pinging @mockersf for github CI expertise. Is it an issue to instruct users to add these permissions?

They don't seem to be the default even for non-forked repos.

This also seems to be a problem with the release workflow, so moving away from actions-rs/clippy-check doesn't seem like a solution.