add security-events write permission (#290)

LittleLittleCloud · web-flow · commit 02cdc13efa2d · 2024-02-22T08:58:12.000-08:00
## Purpose  * ... partially fix #285 ## Does this introduce a breaking change?  ``` [ ] Yes [ ] No ``` ## Pull Request Type What kind of change does this Pull Request introduce?  ``` [ ] Bugfix [ ] Feature [ ] Code style update (formatting, local variables) [ ] Refactoring (no functional changes, no api changes) [ ] Documentation content changes [ ] Other... Please describe: ``` ## How to Test * Get the code ``` git clone [repo-address] cd [repo-name] git checkout [branch-name] npm install ``` * Test the code  ``` ``` ## What to Check Verify that the following are valid * ... ## Other Information
diff --git a/.github/workflows/azure-dev-validation.yml b/.github/workflows/azure-dev-validation.yml
@@ -10,6 +10,11 @@ on:
     paths:
       - "infra/**"
 
+permissions:
+  contents: read
+  actions: read
+  security-events: write
+
 jobs:
   build:
 
@@ -31,7 +36,7 @@ jobs:
           tools: templateanalyzer
 
       - name: Upload alerts to Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         if: github.repository == 'Azure-Samples/azure-search-openai-demo-csharp'
         with:
           sarif_file: ${{ steps.msdo.outputs.sarifFile }}
