From 309bf9e06fbe301e027fd1f132184f78e1ea1a7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Mon, 3 Feb 2025 08:34:58 +0100 Subject: [PATCH] Fix: Allow dependency review workflow to add comments to a PR The workflow requires the pull-request write permission because it wants to add a comment to the current PR. --- .github/workflows/dependency-review.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index de423a0e..572eee69 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -1,8 +1,11 @@ name: 'Dependency Review' -on: [pull_request] + +on: + pull_request permissions: contents: read + pull-requests: write jobs: dependency-review: