Add top level read permission to CodeQL config (#314)

spaze · web-flow · commit 32ac1e10bb33 · 2024-05-08T06:15:00.000+02:00
It already has the job-level permissions set. Close #313
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -20,6 +20,9 @@ on:
     - cron: '33 8 * * 6'
   workflow_dispatch:
 
+permissions:
+  contents: read
+
 jobs:
   analyze:
     name: Analyze (${{ matrix.language }})
