add security events

Author: kikofernandez

.github/workflows/reusable-vendor-vulnerability-scanner.yml

@@ -66,6 +66,8 @@ jobs:
     # committed into them. thus, a workflow_dispatch or workflow_call would
     # not work, and we would not be able to analyse vendor dependecies there.
     runs-on: ubuntu-latest
+    permissions:
+      security-events: write
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/[email protected]
       - uses: erlef/setup-beam@5304e04ea2b355f03681464e683d92e3b2f18451 # racket:actions/checkout@v1