From 447320bdb6f64be696c767313c92f29dcd004b7c Mon Sep 17 00:00:00 2001
From: heqianwang <158102624+heqianwang@users.noreply.github.com>
Date: Fri, 23 Aug 2024 13:33:57 -0400
Subject: [PATCH] Allow semgrep pipeline to read content (#20)

---
 .github/workflows/reusable-semgrep-workflow.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/reusable-semgrep-workflow.yml b/.github/workflows/reusable-semgrep-workflow.yml
index 8922045..cb03b6f 100644
--- a/.github/workflows/reusable-semgrep-workflow.yml
+++ b/.github/workflows/reusable-semgrep-workflow.yml
@@ -7,6 +7,7 @@ jobs:
   semgrep:
     runs-on: ubuntu-latest
     permissions:
+      contents: read
       security-events: write
 
     container: