Add actions read permission to unified workflow

google · May 23, 2024 · 93b609b · 93b609b
1 parent c736236
commit 93b609b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/.github/workflows/osv-scanner-unified-workflow.yml b/.github/workflows/osv-scanner-unified-workflow.yml
@@ -25,6 +25,8 @@ on:
  branches: ["main"]
 
 permissions:
+ # Required to upload SARIF file to CodeQL
+ actions: read
  # Require writing security events to upload SARIF file to security tab
  security-events: write
  # Read commit contents