From 1defa441d6088c73b7d184fc7a2a1a9aaaa493ff Mon Sep 17 00:00:00 2001
From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
Date: Sat, 21 Dec 2024 14:31:25 +0000
Subject: [PATCH] Update scorecards.yml

---
 .github/workflows/scorecards.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index d64327a2e52..f305074d8b9 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -15,7 +15,15 @@ on:
     branches: ["main"]
 
 # Declare default permissions as read only.
-permissions: read-all
+permissions:
+  # Needs to be read-all for general access
+  contents: read
+  security-events: write  # For uploading security results
+  id-token: write        # For publishing results
+  actions: read
+  issues: read
+  pull-requests: read
+  checks: read
 
 jobs:
   analysis: