From 437e9c0c4eb28c099cb08991cbf86ccfb982df2a Mon Sep 17 00:00:00 2001
From: tanzilahmed0 <tanahmed03@gmail.com>
Date: Fri, 18 Jul 2025 15:51:59 -0700
Subject: [PATCH] update CodeQL Action from v2 to v3

---
 .github/workflows/ci.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cfa3f31..3b7f6a8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -179,6 +179,10 @@ jobs:
   security:
     name: Security & Quality
     runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
     
     steps:
     - name: Checkout code
@@ -193,7 +197,7 @@ jobs:
         output: 'trivy-results.sarif'
     
     - name: Upload Trivy scan results
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       if: always()
       with:
         sarif_file: 'trivy-results.sarif'