Review and update the front matter for CodeQL tools (#52725)

2025-12-19 18:10:59 -05:00 · 2024-10-22 18:18:53 +01:00
parent 1e869047fc
commit eaa13fab57
7 changed files with 16 additions and 18 deletions
--- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md
+++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md
@@ -2,6 +2,7 @@
 title: Preparing your code for CodeQL analysis
 intro: 'You can build a {% data variables.product.prodname_codeql %} database containing the data needed to analyze your code.'
 shortTitle: Preparing code for analysis
+permissions: '{% data reusables.permissions.repo-checkout %}'
 product: '{% data reusables.gated-features.codeql %}'
 versions:
  fpt: '*'
--- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/uploading-codeql-analysis-results-to-github.md
+++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/uploading-codeql-analysis-results-to-github.md
@@ -2,6 +2,7 @@
 title: Uploading CodeQL analysis results to GitHub
 shortTitle: Uploading results to GitHub
 intro: 'You can use the {% data variables.product.prodname_codeql_cli %} to upload {% data variables.product.prodname_codeql %} analysis results to {% data variables.product.product_name %}.'
+permissions: '{% data reusables.permissions.code-scanning-all-alerts %}'
 product: '{% data reusables.gated-features.codeql %}'
 versions:
  fpt: '*'
@@ -25,7 +26,12 @@ If you used a method other than the {% data variables.product.prodname_codeql_cl

 ## Generating a token for authentication with {% data variables.product.product_name %}

-Before you can upload your results to {% data variables.product.product_name %}, you will first need to generate a {% data variables.product.pat_generic %} with the `security_events` write permission. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."
+Before you can upload your results to {% data variables.product.product_name %}, you will first need to generate a {% data variables.product.pat_generic %}.
+
+* **{% data variables.product.pat_v1_caps %}** requires "{% data variables.product.prodname_code_scanning_caps %} alerts" **Read and write** access for the required repositories.
+* **{% data variables.product.pat_v2_caps %}** requires "repo" **security_events** access.
+
+For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."

 If you have installed the {% data variables.product.prodname_codeql_cli %} in a third-party CI system to create results to display in {% data variables.product.prodname_dotcom %} as code scanning alerts, you can use a {% data variables.product.prodname_github_app %} or {% data variables.product.pat_generic %} to upload results to {% data variables.product.product_name %}. For more information, see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#generating-a-token-for-authentication-with-github)."