From b90ea0582ae3866c2a11e47fc3708e4d97a5ad3f Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 14 Feb 2022 12:43:26 +0530 Subject: [PATCH] Update veracode.yml --- code-scanning/veracode.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/code-scanning/veracode.yml b/code-scanning/veracode.yml index e38fffd..073d1b6 100644 --- a/code-scanning/veracode.yml +++ b/code-scanning/veracode.yml @@ -17,10 +17,16 @@ on: - cron: $cron-weekly # A workflow run is made up of one or more jobs that can run sequentially or in parallel +permissions: + contents: read + jobs: # This workflow contains a job to build and submit pipeline scan, you will need to customize the build process accordingly and make sure the artifact you build is used as the file input to the pipeline scan file parameter build-and-pipeline-scan: # The type of runner that the job will run on + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results runs-on: ubuntu-latest steps: