Merge pull request #20 from happyprime/repo-sync/projects/default

Workflows: Allow dependabot permissions in PHPCS workflow
happyprime · Nov 17, 2023 · 15e2a87 · 15e2a87
2 parents a14278e + 014d6d0
commit 15e2a87
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml
@@ -3,6 +3,14 @@ name: PHPCS (Default, PHP 8.2)
 
 on: pull_request
 
+# The GITHUB_TOKEN used by Dependabot has read-only permissions
+# by default, so we provide write permissions to this workflow
+# so that comments can be left on the pull request.
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   phpcs:
     runs-on: ubuntu-latest