Adjusted workflow permissions

Signed-off-by: Eddie Knight <knight@linux.com>
2026-02-13 21:16:57 +00:00 · 2022-10-20 11:04:49 -05:00
parent 9f41efb6f7
commit 939a75115c
8 changed files with 25 additions and 3 deletions
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@@ -10,7 +10,6 @@ on:

 permissions:
  contents: read # for actions/checkout to fetch code
-  security-events: write # for codeQL to write security events

 jobs:
  fossa:
@@ -50,6 +49,8 @@ jobs:
          sarif_file: snyk.sarif

  codeql:
+    permissions:
+      security-events: write # for codeQL to write security events
    name: CodeQL
    runs-on: ubuntu-latest
    if: github.actor != 'dependabot[bot]'