We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent 07608e8 commit 540c778Copy full SHA for 540c778
1 file changed
.github/workflows/scorecards-analysis.yml
@@ -22,20 +22,20 @@ on:
22
push:
23
branches: [ "master" ]
24
25
-permissions:
26
- id-token: write # This is required for requesting the JWT
27
- contents: read # This is required for actions/checkout
28
-
+permissions: read-all
+
29
jobs:
30
31
analysis:
32
33
name: "Scorecards analysis"
34
runs-on: ubuntu-latest
35
permissions:
36
- security-events: write # Needed to upload the results to the code-scanning dashboard.
+ # Needed to upload the results to the code-scanning dashboard.
+ security-events: write
37
actions: read
38
- contents: read
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
39
40
steps:
41
0 commit comments