Skip to content

Commit 001097d

Browse files
committed
fix: bump codeql-action v3→v4, add permissions to post-publish
- github/codeql-action bumped from v3 to v4 (latest major) - post-publish job gets permissions: contents: write (needed by maven-dependency-submission-action to submit the dependency graph) https://claude.ai/code/session_01TPLSUAgEHPFGSoDesiPZ5N
1 parent 46b5560 commit 001097d

2 files changed

Lines changed: 5 additions & 3 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@ jobs:
1717
- uses: actions/checkout@v6
1818
- uses: actions/setup-java@v5
1919
with: { java-version: '8', distribution: zulu }
20-
- uses: github/codeql-action/init@v3
20+
- uses: github/codeql-action/init@v4
2121
with: { languages: java, queries: +security-and-quality }
22-
- uses: github/codeql-action/autobuild@v3
23-
- uses: github/codeql-action/analyze@v3
22+
- uses: github/codeql-action/autobuild@v4
23+
- uses: github/codeql-action/analyze@v4
2424
with: { category: "/language:java" }

.github/workflows/publish.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -665,6 +665,8 @@ jobs:
665665
(needs.publish-snapshot.result == 'success' ||
666666
needs.publish-release.result == 'success')
667667
runs-on: ubuntu-latest
668+
permissions:
669+
contents: write
668670
steps:
669671
- uses: actions/checkout@v6
670672
- uses: actions/setup-java@v5

0 commit comments

Comments
 (0)