jorgectf commented on PR #534: URL: https://github.com/apache/incubator-baremaps/pull/534#issuecomment-1312294533
@bchapuis: The `security-events: write` permission directive is granting the `GITHUB_TOKEN` generated for the job the [specific permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) required to [add security alerts](https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data) to the repository, which get displayed under the repository [security tab](https://github.com/apache/incubator-baremaps/security/code-scanning). Other permissions such as `contents: write` are not needed in this workflow. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@baremaps.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@baremaps.apache.org For additional commands, e-mail: dev-h...@baremaps.apache.org
