From 487dafdf7c2a684e774acebfa6f6d113bb4e75cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Paj=C4=85k?= <pellared@hotmail.com>
Date: Wed, 12 Oct 2022 15:11:13 +0200
Subject: [PATCH] Fix CodeQL GH workflow permissions (#216)

---
 .github/workflows/{codeql-analysis.yml => codeql.yml} | 6 +++++-
 CHANGELOG.md                                          | 1 +
 2 files changed, 6 insertions(+), 1 deletion(-)
 rename .github/workflows/{codeql-analysis.yml => codeql.yml} (95%)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql.yml
similarity index 95%
rename from .github/workflows/codeql-analysis.yml
rename to .github/workflows/codeql.yml
index 14c0448..174ac57 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql.yml
@@ -12,7 +12,11 @@ on:
 
 jobs:
   analyze:
-    name: Analyze
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+
     runs-on: ubuntu-latest
 
     strategy:
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5cff7a6..d4481ab 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,6 +35,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Add `workflow_dispatch` to all workflows. ([#204](https://github.com/golang-templates/seed/pull/204))
 - Fix docker image name. ([#205](https://github.com/golang-templates/seed/pull/205))
+- Fix CodeQL GH workflow permissions. ([#216](https://github.com/golang-templates/seed/pull/216))
 
 ## [0.15.0](https://github.com/golang-templates/seed/releases/tag/v0.15.0)