Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(actions): Add security-events write permission to CodeQL results upload #2162

Merged
merged 1 commit into from
Mar 31, 2025
Merged

fix(actions): Add security-events write permission to CodeQL results upload #2162

merged 1 commit into from
Mar 31, 2025

Conversation

kotakanbe
Copy link
Member

What did you implement:

fix: https://github.com/future-architect/vuls/actions/runs/14102397791/job/39501261403

for details, see
https://github.com/github/codeql-action?tab=readme-ov-file#workflow-permissions

Workflow Permissions
All advanced setup code scanning workflows must have the security-events: write permission. Workflows in private repositories must additionally have the contents: read permission. For more information, see "[Assigning permissions to jobs](https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs)."

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Checklist:

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

@kotakanbe kotakanbe requested a review from Copilot March 31, 2025 07:32
Copilot
Copilot AI reviewed Mar 31, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This pull request fixes an issue by adding the required security-events write permission to the CodeQL workflow file used for code scanning.

  • Added security-events: write permission
  • Ensured that the permissions settings comply with CodeQL workflow requirements
Comments suppressed due to low confidence (1)

.github/workflows/codeql-analysis.yml:25

  • Ensure that the indentation level matches the surrounding permissions keys for consistent formatting; if the workflow requires a specific order of keys, verify that this change complies with it.
  security-events: write

@kotakanbe kotakanbe requested review from shino and MaineK00n March 31, 2025 07:32
@kotakanbe kotakanbe merged commit 00b25f4 into master Mar 31, 2025
7 checks passed
@kotakanbe kotakanbe deleted the fix-debian-detection branch March 31, 2025 11:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@MaineK00n MaineK00n MaineK00n approved these changes

@shino shino Awaiting requested review from shino

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kotakanbe @MaineK00n