From e67682c31c4865c050478a9813f2fd7f53c89ca7 Mon Sep 17 00:00:00 2001 From: Chris Campbell <808531+ctcampbell@users.noreply.github.com> Date: Mon, 29 Jan 2024 10:09:37 +0000 Subject: [PATCH] Add perms for comment-summary-in-pr --- code-scanning/dependency-review.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/code-scanning/dependency-review.yml b/code-scanning/dependency-review.yml index 39d06e3..82c1ef5 100644 --- a/code-scanning/dependency-review.yml +++ b/code-scanning/dependency-review.yml @@ -20,6 +20,8 @@ on: # https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api permissions: contents: read + # Required if `comment-summary-in-pr: true` is uncommented below + # pull-requests: write jobs: dependency-review: @@ -29,7 +31,7 @@ jobs: uses: actions/checkout@v4 - name: 'Dependency Review' uses: actions/dependency-review-action@v4 - # Commonly enabled options (https://github.com/actions/dependency-review-action#configuration-options) + # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. # with: # fail-on-severity: moderate # deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later