Give only read-level security-events permission where possible
This commit is contained in:
parent
d39065943f
commit
9cd802ec12
58 changed files with 64 additions and 58 deletions
5
.github/workflows/codeql.yml
vendored
5
.github/workflows/codeql.yml
vendored
|
|
@ -24,7 +24,7 @@ jobs:
|
|||
versions: ${{ steps.compare.outputs.versions }}
|
||||
|
||||
permissions:
|
||||
security-events: write
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
|
@ -80,7 +80,8 @@ jobs:
|
|||
runs-on: ${{ matrix.os }}
|
||||
|
||||
permissions:
|
||||
security-events: write
|
||||
contents: read
|
||||
security-events: write # needed to upload results
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue