Add security-events: write for SARIF upload

tashian · claude · tashian · commit d82c663e5f8f · 2026-03-02T18:28:25.000-08:00
The zizmor-action uploads results to GitHub Advanced Security by
default, which requires security-events: write permission.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml
@@ -8,6 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
+      security-events: write
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
