From 9b7c619f94cd02bf2fd4dad619012e4457a9b17a Mon Sep 17 00:00:00 2001
From: Justin Chu <justinchuby@users.noreply.github.com>
Date: Sat, 18 May 2024 14:17:44 -0700
Subject: [PATCH] Add security events permissions (#8)

---
 .github/workflows/main.yml |  2 ++
 README.md                  | 23 ++++++++++++++---------
 2 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 915214a..965bd5f 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -9,6 +9,8 @@ on:
 
 jobs:
   lintrunner:
+    permissions:
+      security-events: write
     runs-on: ubuntu-latest
     name: Test the action
     steps:
diff --git a/README.md b/README.md
index 2b2586c..67dab58 100644
--- a/README.md
+++ b/README.md
@@ -9,15 +9,20 @@ This action sets up and runs `lintrunner`(https://github.com/suo/lintrunner) to
 See [action.yml](./action.yml)
 
 ```yaml
-steps:
-  - uses: actions/checkout@v3
-  - uses: justinchuby/lintrunner-action@main
-    with:
-      # Whether the action should upload a SARIF report of the
-      # lint results which will show up as a GitHub code scanning report
-      publish_code_scanning: true
-      # Disable verbose logging from lintrunner and only show lint results
-      quiet: true
+jobs:
+  lint:
+    permissions:
+      security-events: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: justinchuby/lintrunner-action@main
+        with:
+          # Whether the action should upload a SARIF report of the
+          # lint results which will show up as a GitHub code scanning report
+          publish_code_scanning: true
+          # Disable verbose logging from lintrunner and only show lint results
+          quiet: true
 ```
 
 ## Set up lintrunner