Update codeql.yml

Set top level permissions to read-all to pass OpenSSF Scorecard open
intel · Oct 21, 2024 · aa239d2 · aa239d2
1 parent 2562057
commit aa239d2
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -8,6 +8,9 @@ on:
   schedule:
     - cron: '35 2 * * 0'
 
+# Declare default permissions as read only.
+permissions: read-all
+
 jobs:
   analyze:
     name: Analyze (${{ matrix.language }})