From e50bee67e3ddf3d5ac2e3abc4785eb970f7e70fc Mon Sep 17 00:00:00 2001
From: Nathan Miller <nmiller217@gmail.com>
Date: Wed, 14 Feb 2024 12:40:29 -0800
Subject: [PATCH] add id-token: write permission to dependency-review workflow
 for component-detection step

---
 .github/workflows/dependency-review.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 3c58ad21..2a6ce5c3 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -18,7 +18,8 @@ jobs:
 
   dependency-review:
     runs-on: ubuntu-22.04
-    permissions: 
+    permissions:
+      id-token: write 
       contents: write
       pull-requests: write