From 1e385752d53d5154dc91f9ba1a737c83038ff430 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Mon, 15 Jun 2026 18:29:07 -0500
Subject: Allow generated files to be readable by other users.

On CI/CD, the tests are run under a different user that the one that
runs the gn-auth service, therefore we need the generated files to be
readable by more than just the user running the gn-auth service.
---
 gn_auth/wsgi.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gn_auth/wsgi.py b/gn_auth/wsgi.py
index a5af37e..bab9991 100644
--- a/gn_auth/wsgi.py
+++ b/gn_auth/wsgi.py
@@ -174,12 +174,12 @@ def __parse_user_spec__(spec: str) -> dict:
 
 
 def __write_output__(data: dict, output_path) -> None:
-    """Write JSON data to a file with 0600 permissions, or stdout."""
+    """Write JSON data to a file with 0644 permissions, or stdout."""
     text = json.dumps(data, indent=2)
     if output_path is None:
         print(text)
         return
-    fd = os.open(output_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+    fd = os.open(output_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
     with os.fdopen(fd, "w") as outfile:
         outfile.write(text)
 
-- 
cgit 1.4.1