fix(ci): grant security-events write to GHA validator workflow (#40539)

Co-authored-by: Claude Code <noreply@anthropic.com>
2026-06-02 14:19:21 +00:00 · 2026-05-29 21:46:54 -07:00
parent 8c6271e9ff
commit f165c3fa78
1 changed files with 5 additions and 0 deletions
--- a/.github/workflows/github-action-validator.yml
+++ b/.github/workflows/github-action-validator.yml
@@ -16,6 +16,11 @@ jobs:

  validate-all-ghas:
    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+      # Required for the zizmor action to upload its SARIF results to
+      # GitHub code scanning (advanced-security is enabled by default).
+      security-events: write
    steps:
      - name: Checkout Repository
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2