From a447077ffd2e40f633f2aa200b1b8d61063573c4 Mon Sep 17 00:00:00 2001
From: Sam Yuan <yy19902439@126.com>
Date: Fri, 29 Nov 2024 19:04:38 +0800
Subject: [PATCH] [fix]: adjust gosec permissions settings according to GHA ref
 (#1867)

Signed-off-by: Sam Yuan <yy19902439@126.com>
---
 .github/workflows/daily.yml | 3 ++-
 .github/workflows/gosec.yml | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
index c70e582a65..a7db48be24 100644
--- a/.github/workflows/daily.yml
+++ b/.github/workflows/daily.yml
@@ -6,7 +6,8 @@ on: # yamllint disable-line rule:truthy
   schedule:
     - cron: 12 9 * * *
 
-permissions: read-all
+permissions:
+  security-events: write
 
 jobs:
   # daily go security
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
index 24fd88daf4..fee16c4cad 100644
--- a/.github/workflows/gosec.yml
+++ b/.github/workflows/gosec.yml
@@ -6,7 +6,8 @@ on: # yamllint disable-line rule:truthy
   workflow_call:
 
 permissions:
-  pull-requests: read
+  security-events: write
+  contents: read
 
 jobs:
   tests: