Fix the token permissions for private copies of the CodeQL Action, and for runs that are not from pull requests.
This commit is contained in:
Chris Gavin
parent
643bc6e3ed
commit
e305db89c2
1 changed files with 3 additions and 0 deletions
3
.github/workflows/codeql.yml
vendored
3
.github/workflows/codeql.yml
vendored
|
|
@ -14,7 +14,9 @@ jobs:
|
|||
versions: ${{ steps.compare.outputs.versions }}
|
||||
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
|
@ -63,6 +65,7 @@ jobs:
|
|||
runs-on: ${{ matrix.os }}
|
||||
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue