ci: add security-events write permission for CodeQL

2026-03-27 23:15:51 +00:00 · 2026-03-27 19:12:20 +08:00
parent bb60694013
commit da15f829d3
1 changed files with 5 additions and 0 deletions
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -5,6 +5,11 @@ on:
    - cron: '0 2 * * *'  # 每天 UTC 02:00（北京时间 10:00）
  workflow_dispatch:     # 支持手动触发

+permissions:
+  contents: read
+  security-events: write
+  actions: read
+
 jobs:
  security-scan:
    name: Security Scan (${{ matrix.branch }})