Potential fix for code scanning alert no. 12: Workflow does not contain permissions #118

Merged
aserto-bot merged 1 commit into main from alert-autofix-12
Dec 7, 2025


@gertd gertd commented Dec 7, 2025

Potential fix for https://github.com/aserto-dev/topaz-console/security/code-scanning/12

The best way to fix this issue is to explicitly set the minimal permissions necessary for the workflow. Since none of the jobs require write access or interact with GitHub to create issues, pull requests, or update content, the minimal necessary permission is `contents: read`. This should be added near the top of the file (root level, directly under or after the `name:` field and before `env:` or `on:`), so it applies to all jobs in the workflow. If any job requires more permissions later, those can be set explicitly per-job.

No other code or structure in the file needs to be changed, and no new dependencies are required.


Suggested fixes powered by Copilot Autofix. Review carefully before merging.
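
Where the block described in the comment above sits in a workflow file, as an added example (not the repository's workflow and not part of this PR). The workflow name, jobs and steps are constructed, and the `comment` job is a hypothetical case of the per-job override the comment mentions.

```yaml
# Constructed workflow for illustration; names, jobs and steps are assumptions.
name: ci

# Root-level block: applies to every job that does not declare its own.
# Any scope not listed here is set to none for the GITHUB_TOKEN.
permissions:
  contents: read

on:
  pull_request:
  push:
    branches: [main]

jobs:
  test:
    # Inherits contents: read from the root-level block.
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: echo "run tests here"   # placeholder step

  comment:
    # A job-level block replaces the root-level one rather than adding to it,
    # so contents: read is repeated for the checkout step.
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
    steps:
      - uses: actions/checkout@v4
      - run: echo "post a PR comment here"   # placeholder step
```

Without the root-level block, the token's scopes fall back to the repository or organization default, which can be read and write.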

…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@codecov-commenter

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 30.44%. Comparing base (96267ce) to head (ba33121).

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #118   +/-   ##
=======================================
  Coverage   30.44%   30.44%           
=======================================
  Files         310      310           
  Lines       12606    12606           
  Branches      679      678    -1     
=======================================
  Hits         3838     3838           
  Misses       8567     8567           
  Partials      201      201           

@gertd gertd marked this pull request as ready for review December 7, 2025 10:34
@aserto-bot aserto-bot merged commit ad0ee4d into main Dec 7, 2025
7 checks passed