From 3962a01c8917bbd83e119b95441ceca4e6d1ea5a Mon Sep 17 00:00:00 2001
From: Markus Cozowicz <eisber@eisber.ent>
Date: Mon, 17 Jun 2024 16:35:06 +0000
Subject: [PATCH] fix workflow permissions

---
 .github/workflows/build.yaml  | 1 -
 .github/workflows/codeql.yaml | 5 +++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 62865fd3..a8e2b749 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -4,7 +4,6 @@ on: [push]
 
 permissions:
   contents: write          # This is required for actions/checkout@v1
-  security-events: write   # To upload sarif files
 
 jobs:
   build:
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
index 612458d3..ccb34bf7 100644
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@@ -6,6 +6,11 @@ on:
   schedule:
     - cron: '20 14 * * 1'
 
+permissions:
+  actions: read
+  contents: read
+  security-events: write   # To upload sarif files
+
 jobs:
   analyze:
     name: Analyze