From dc79c532597ed9401aea46f7322a4fb85d95c2ac Mon Sep 17 00:00:00 2001
From: Andrew Eisenberg <aeisenberg@github.com>
Date: Mon, 23 Sep 2024 19:13:10 +0000
Subject: [PATCH] Avoid uploading eslint sarif for dependabot PR

Dependabot does not have `security-events: write` permission.
---
 .github/workflows/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index d52ed6fe8..82af7c7e8 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -103,7 +103,7 @@ jobs:
           npm run lint-ci
 
       - name: Upload ESLint results to Code Scanning
-        if: "${{ !cancelled() }}"
+        if: "${{ !cancelled() && !startsWith(github.head_ref, 'dependabot/')}}"
         uses: github/codeql-action/upload-sarif@main
         with:
           sarif_file: extensions/ql-vscode/build/eslint.sarif