Commit 37531d8

Fixes #21 (#22)
* Fixes #21
* Add actions read permission to unified workflow
* PR feedback. Added link to codeql-action issue
1 parent 8d8993e commit 37531d8

3 files changed

+6
-0
lines changed

.github/workflows/osv-scanner-reusable-pr.yml

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@
1616
name: "OSV-Scanner PR Scanning"
1717

1818
permissions:
19+
# Required to upload SARIF file to CodeQL. See: https://github.com/github/codeql-action/issues/2117
20+
actions: read
1921
contents: read
2022
security-events: write
2123
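Review bot: Callers of this reusable workflow are not told that they now have to grant `actions: read` as well (new line 20). A called workflow's token can only keep or reduce the permissions the caller gives it, so any caller that sets its own `permissions:` block without `actions: read` will stop working after this change. Please mention the new requirement in the README or usage example alongside the existing `contents: read` and `security-events: write`.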

.github/workflows/osv-scanner-reusable.yml

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@
1616
name: OSV-Scanner single vulnerability scan
1717

1818
permissions:
19+
# Required to upload SARIF file to CodeQL. See: https://github.com/github/codeql-action/issues/2117
20+
actions: read
1921
contents: read
2022
security-events: write
2123
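Review bot: The scope of the new `actions: read` grant (new line 20) looks wider than it needs to be. The `permissions:` key at line 18 sits directly under `name:`, which suggests a workflow-level block that applies to every job in the file. If only the job that uploads the SARIF file needs this, consider moving `actions: read` (and `security-events: write`) into that job's own `permissions:` so other jobs keep the smaller token.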

.github/workflows/osv-scanner-unified-workflow.yml

Lines changed: 2 additions & 0 deletions
@@ -25,6 +25,8 @@ on:
2525
branches: ["main"]
2626

2727
permissions:
28+
# Required to upload SARIF file to CodeQL. See: https://github.com/github/codeql-action/issues/2117
29+
actions: read
2830
# Require writing security events to upload SARIF file to security tab
2931
security-events: write
3032
# Read commit contents
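Review bot: The comments at new lines 28 and 30 give the same reason for two different grants ("upload SARIF file to CodeQL" and "upload SARIF file to security tab"), so a reader cannot tell why both are needed. Suggest rewording line 28 to say what `actions: read` specifically unblocks, with a short summary of the linked codeql-action issue, so the grant can be re-evaluated later without following the link.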
