Add required permissions for integrating snyk with code scanning

alphagov · Mar 13, 2024 · 21047d1 · 21047d1
1 parent ef1216a
commit 21047d1
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -15,6 +15,10 @@ jobs:
     name: SNYK security analysis
     uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main
     secrets: inherit
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
 
   codeql-sast:
     name: CodeQL SAST scan