diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
index 1845570..afedb05 100644
--- a/.github/workflows/node.js.yml
+++ b/.github/workflows/node.js.yml
@@ -1,19 +1,13 @@
 # This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
 # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
 
-name: Node.js Build and deploy
+name: Build and deploy
 
 on:
   push:
     branches: ["master"]
   workflow_dispatch:
 
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 # Allow one concurrent deployment
 concurrency:
   group: "pages"
@@ -21,9 +15,14 @@ concurrency:
 
 jobs:
   get-branches:
-    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
     outputs:
       branches: ${{ steps.get-branches.outputs.branches }}
+
+    runs-on: ubuntu-latest
+
     steps:
       - name: Get list of remote branches and their hashes
         id: get-branches
@@ -34,10 +33,10 @@ jobs:
           echo "$branches" | jq .
           echo "branches=$branches" >> $GITHUB_OUTPUT
 
-  build:
-    runs-on: ubuntu-latest
-    needs: get-branches
-    continue-on-error: true
+  build:      
+    permissions:
+      contents: read
+
     outputs:
       branches: ${{ needs.get-branches.outputs.branches }}
 
@@ -45,6 +44,10 @@ jobs:
       matrix:
         branches: ${{fromJson(needs.get-branches.outputs.branches)}}
 
+    runs-on: ubuntu-latest
+    needs: get-branches
+    continue-on-error: true
+
     steps:
       - uses: actions/checkout@v4
         with:
@@ -80,6 +83,11 @@ jobs:
 
   # Deployment job
   deploy:
+    permissions:
+      contents: read
+      pages: write
+      id-token: write
+
     environment:
       name: github-pages
       url: ${{ steps.deployment.outputs.page_url }}