Merge pull request #72 from alphagov/update-snyk-permissions

Add required permissions for integrating snyk with code scanning
alphagov · Mar 19, 2024 · 2a9d0db · 2a9d0db
2 parents b9f0786 + c2dffe3
commit 2a9d0db
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -16,8 +16,14 @@ jobs:
   snyk-security:
     name: SNYK security analysis
     uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main
+    with:
+      skip_sca: true
     secrets: inherit
-
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+
   codeql-sast:
     name: CodeQL SAST scan
     uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main