From 3ba6d6324f3dc311c1f13dbb08d48a2cca9038f2 Mon Sep 17 00:00:00 2001
From: Mahmud Hussain <mahmudhssn246@gmail.com>
Date: Wed, 13 Mar 2024 11:11:56 +0000
Subject: [PATCH] Add required permissions for integrating snyk with code
 scanning

---
 .github/workflows/ci.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 83861f3..03d2200 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,6 +17,10 @@ jobs:
     name: SNYK security analysis
     uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main
     secrets: inherit
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
   
   codeql-sast:
     name: CodeQL SAST scan