fix: actions permissions and upgrade to 1.9.1 #22
Conversation
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
| @@ -16,14 +16,16 @@ on: | |||
| branches: [ "main" ] | |||
|
|
|||
| permissions: | |||
| # Required to upload SARIF file to CodeQL. See: https://github.com/github/codeql-action/issues/2117 | |||
There was a problem hiding this comment.
Could you please let me know where you found the error reported by the linked issue? Looks like our CIs are working as expected.
Or this issue only happens after bumping the action from "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" to "google/osv-scanner-action/.github/workflows/[email protected]"?
There was a problem hiding this comment.
when use [email protected] the permissions need changed
There was a problem hiding this comment.
What does this PR do
This pull request includes updates to the GitHub Actions workflow configuration file
.github/workflows/osv-scanner.yml. The changes primarily focus on adjusting permissions and updating the reusable workflow reference.Updates to GitHub Actions workflow configuration:
actions: readpermission to allow uploading SARIF files to CodeQL.contents: readpermission to clarify it only needs to read contents.1f1242919d8a60496dd1874b24b62b2370ed4c78tov1.9.1.Rationale for this change
Standards checklist