Add privileges to codeql-analysis.yml #8

Merged
merged 1 commit into from
Aug 16, 2023


MaggieFero
Collaborator

Explicitly give codeql-analysis action the security-events: write permission so it still works even when the default GitHub Actions token is set to read-only.

@MaggieFero MaggieFero requested a review from phildini August 16, 2023 05:19
@MaggieFero
Collaborator Author

Adding @phildini as a reviewer, since this does increase privilege granted to a GitHub action, but it's a GitHub-maintained tool and the additional permission is to write security events, so I don't anticipate a significant increase in risk by granting this.

@MaggieFero
Collaborator Author

For future reference, the reason our CodeQL run was failing to initialize is documented here: github/codeql-action#464

@phildini phildini merged commit d450b8f into main Aug 16, 2023
@phildini phildini deleted the privileges-for-codeql-analysis branch August 16, 2023 05:55
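
An added example, not the file changed in this pull request: a CodeQL workflow that declares its token permissions explicitly, as the description above says, so the results upload still works when the default GitHub Actions token is read-only. The trigger branches, the language matrix and the action version tags are assumptions.

```yaml
# Constructed example workflow; not the project's own codeql-analysis.yml.
name: CodeQL

on:
  push:
    branches: [main]        # assumption: analyze pushes to the default branch
  pull_request:
    branches: [main]

# Start from no permissions at the workflow level, so the job below gets
# exactly what it lists regardless of the repository or organization default.
permissions: {}

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      # The permission this pull request adds: lets the analyze step
      # upload its results to code scanning.
      security-events: write
      # Read-only scopes used by the CodeQL starter workflow; they are
      # only required when the repository is private.
      contents: read
      actions: read
    strategy:
      fail-fast: false
      matrix:
        language: [python]  # assumption: replace with the repo's languages
    steps:
      - name: Check out repository
        uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3
```

Scoping the block to the `analyze` job rather than the whole workflow keeps the write permission away from any other jobs added to the file later.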