Grant GitHub access to ...GitHub

Why shouldn't the least secure process be the one to verify the security?
2024-04-10 23:13:45 -04:00 · 2024-04-10 23:13:45 -04:00 · 36afd6ce53
commit 36afd6ce53
parent 144a272115
1 changed files with 1 additions and 3 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -6,9 +6,7 @@ on:
  pull_request:
    branches: [ master ]

-permissions:
-  contents: write
-  packages: read
+permissions: write-all

 jobs:
  analyze: