Add descriptive comment

The `actions: read` permission is only required when the workflow is executed in a private repository.
This commit is contained in:
Remco Vermeulen
2022-05-31 12:28:16 +02:00
committed by GitHub
parent b9fbda1e7d
commit 27f5b1e9fd
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # for github/codeql-action/upload-sarif to get Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#example-workflow-for-sarif-files-generated-outside-of-a-repository
runs-on: ubuntu-latest
steps:
- name: Checkout the code