Update the perms to allow OSV scanning to work.

Signed-off-by: Caleb Brown <calebbrown@google.com>
ossf · Sep 10, 2024 · 5c72e79 · 5c72e79
1 parent e2bb701
commit 5c72e79
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml
@@ -9,7 +9,7 @@ on:
 
 # Declare default permissions as read only.
 permissions:
-  # Only need to read contents
+  actions: read
   contents: read
   # Require writing security events to upload SARIF file to security tab
   security-events: write

diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml
@@ -8,7 +8,7 @@ on:
     branches: [ main ]
 
 permissions:
-  # Only need to read contents
+  actions: read
   contents: read
   # Require writing security events to upload SARIF file to security tab
   security-events: write