Updated scan & update permissions

Signed-off-by: Eddie Knight <knight@linux.com>
2026-02-13 21:16:57 +00:00 · 2022-10-20 12:09:34 -05:00
parent 939a75115c
commit 2abf932ee4
2 changed files with 5 additions and 0 deletions
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@@ -27,6 +27,8 @@ jobs:

  snyk:
    name: Snyk
+    permisions:
+      security-events: write
    runs-on: ubuntu-latest
    if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
    steps:
--- a/.github/workflows/update.yaml
+++ b/.github/workflows/update.yaml
@@ -12,6 +12,9 @@ permissions:

 jobs:
  update-components:
+    permissions:
+      contents: write
+      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Check out code