From feba998986e3ffc751504e8f16e5b2ad05d25520 Mon Sep 17 00:00:00 2001 From: Bill Forney Date: Sat, 14 Jun 2025 02:11:56 -0700 Subject: [PATCH] Potential fix for code scanning alert no. 46: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/defender-for-devops.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml index 4080825..7307f85 100644 --- a/.github/workflows/defender-for-devops.yml +++ b/.github/workflows/defender-for-devops.yml @@ -17,6 +17,9 @@ # Read the official documentation here : https://learn.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-github name: "Microsoft Defender For Devops" +permissions: + contents: read + security-events: write on: push: