Refactor GitHub Actions workflow for security updates: removed unnecessary permissions for security-events and repository-advisories, and updated environment variable for GitHub token to enhance security during vulnerability scanning.

Author: jaydrogers

.github/workflows/action_publish-images-security-updates.yml

@@ -17,8 +17,6 @@ on:
 permissions:
   contents: write
   packages: write
-  security-events: write
-  repository-advisories: write
 
 jobs:
   scan-vulnerabilities:
@@ -50,7 +48,7 @@ jobs:
       - if: inputs.skip_scan != true
         id: parse
         env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.GHA_SECURITY_ADVISORY_PAT }}
         shell: bash
         run: |
           if [ -f trivy-results.json ]; then