From f8223bcffc124ae62c4ec12a69ae6775bcfdf93c Mon Sep 17 00:00:00 2001 From: amiabot Date: Fri, 17 Nov 2023 00:54:47 +0000 Subject: [PATCH] Workflows: Allow dependabot permissions in PHPCS workflow --- .github/workflows/phpcs.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index d70c09b..22fd349 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -3,6 +3,14 @@ name: PHPCS (Default, PHP 8.2) on: pull_request +# The GITHUB_TOKEN used by Dependabot has read-only permissions +# by default, so we provide write permissions to this workflow +# so that comments can be left on the pull request. +# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions +permissions: + contents: read + pull-requests: write + jobs: phpcs: runs-on: ubuntu-latest