From baf5ef3220e9918d4a0ec356faac55174380e2b6 Mon Sep 17 00:00:00 2001
From: naveen <172697+naveensrinivasan@users.noreply.github.com>
Date: Fri, 3 Sep 2021 18:20:55 +0000
Subject: [PATCH] :seedling: Updated actions permission for codeql

* Updated the actions permissions for codeql from write to specific
  settings. https://github.com/ossf/scorecard/issues/942
---
 .github/workflows/codeql-analysis.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 1200a9b0b585..73862b60a156 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -26,6 +26,10 @@
 name: "CodeQL"
 
 on:
+  permissions:
+    contents: read
+    statuses: write
+    security-events: write
   push:
     branches: [ main ]
   pull_request: