From 012c00dc42de030ddd69fb4a48412c62498a0fe9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joshua=20Dean=20K=C3=BCpper?= <admin@joshua-kuepper.de>
Date: Mon, 29 Jan 2024 23:14:35 +0100
Subject: [PATCH] fix action permissions

---
 .github/workflows/docker.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index f7ac105..6cd3ffc 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -14,6 +14,8 @@ jobs:
     permissions:
       contents: read
       packages: write
+      actions: read
+      security-events: write
     steps:
 
     - name: Checkout repository
@@ -63,6 +65,6 @@ jobs:
     - name: Upload SARIF result
       id: upload-sarif
       if: ${{ github.event_name != 'pull_request_target' }}
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       with:
         sarif_file: sarif.output.json