From e0510b24ca045ac7682afb34b8498ae39e456ab2 Mon Sep 17 00:00:00 2001
From: Stewart Blacklock <stewart.f.blacklock@intel.com>
Date: Mon, 21 Oct 2024 13:02:44 -0700
Subject: [PATCH] Update codeql.yml

Set top level permissions
---
 .github/workflows/codeql.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 218b340..5031144 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,6 +35,9 @@ on:
   schedule:
     - cron: '45 23 * * 0'
 
+# Declare default permissions as read only.
+permissions: read-all
+
 jobs:
   analyze:
     name: Analyze