github
diff --git a/‎lib/analyze-action.js‎
Lines changed: 1 addition & 1 deletion b/‎lib/analyze-action.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/autobuild-action.js‎
Lines changed: 1 addition & 1 deletion b/‎lib/autobuild-action.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/init-action-post.js‎
Lines changed: 1 addition & 1 deletion b/‎lib/init-action-post.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/init-action.js‎
Lines changed: 1 addition & 1 deletion b/‎lib/init-action.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/setup-codeql-action.js‎
Lines changed: 1 addition & 1 deletion b/‎lib/setup-codeql-action.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/upload-sarif-action.js‎
Lines changed: 1 addition & 1 deletion b/‎lib/upload-sarif-action.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/feature-flags.ts‎
Lines changed: 2 additions & 2 deletions b/‎src/feature-flags.ts‎
Lines changed: 2 additions & 2 deletions
@@ -666,10 +666,10 @@ class GitHubFeatureFlags {
       const httpError = util.asHTTPError(e);
       if (httpError?.status === 403) {
         this.logger.warning(
-          "This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. " +
+          "This run of the CodeQL Action does not have permission to access the CodeQL Action API endpoints. " +
             "As a result, it will not be opted into any experimental features. " +
             "This could be because the Action is running on a pull request from a fork. If not, " +
-            `please ensure the Action has the 'security-events: write' permission. Details: ${httpError.message}`,
+            `please ensure the workflow has at least the 'security-events: read' permission. Details: ${httpError.message}`,
         );
         this.hasAccessedRemoteFeatureFlags = false;
         return {};