From c9b6aee07e98596593e5709d3687092feeabe808 Mon Sep 17 00:00:00 2001
From: Josh Soref <2119212+jsoref@users.noreply.github.com>
Date: Wed, 17 Jun 2026 10:52:02 -0400
Subject: [PATCH] Fix codeql workflow permissions (#993)

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
---
 .github/workflows/codeql-analysis.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7a826123..1964b62f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -10,5 +10,8 @@ on:
 
 jobs:
   call-codeQL-analysis:
+    permissions:
+      actions: read
+      security-events: write
     name: CodeQL analysis
     uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main