From 92a514db69dfe2b85a1bafae89e394e44b339704 Mon Sep 17 00:00:00 2001
From: Calin Lupas <lupas_calin@yahoo.com>
Date: Tue, 22 Apr 2025 14:04:43 -0400
Subject: [PATCH] Add security-events permission for SARIF results upload

---
 .github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml b/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml
index ce1e662..63b50e5 100644
--- a/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml
+++ b/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml
@@ -22,6 +22,7 @@ env:
 
 permissions:
   contents: read 
+  security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
   #issues: write # to create issues for alerts
 
 jobs: