]> nmode's Git Repositories - signal-cli/blobdiff - .github/workflows/codeql-analysis.yml
git.nmode.ca / signal-cli / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Restrict workflow permissions
[signal-cli] / .github / workflows / codeql-analysis.yml
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 25bcc2653a1d55afca8d71776ec9f8b6ec08dcb2..60c4ef990e0c68e6c2477cf6c5eb15aee2b10676 100644 (file)
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -9,6 +9,10 @@ on:
   schedule:
     - cron: '0 7 * * 4'
 
+permissions:
+  contents: read # to fetch code (actions/checkout)
+  security-events: write
+
 jobs:
   analyse:
     name: Analyse
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut