From 3dc8bc123179e237206f3015137248b938eeb901 Mon Sep 17 00:00:00 2001
From: Andrew Reed <andrew@smallstep.com>
Date: Thu, 7 May 2026 13:47:29 -0500
Subject: [PATCH] Try all permissions code scan has

---
 .github/workflows/codeql-analysis.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 1ce7078..8958652 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -33,6 +33,8 @@ on:
 
 permissions:
   actions: read
+  contents: read
+  security-events: write
 
 jobs:
   codeql-analyze: