fix: add explicit permissions to GitHub Actions workflow

- Add contents: read permission to test job
- Add contents: read permission to build job
- Add contents: write, issues: write, pull-requests: write to release job
- Fixes CodeQL security alerts about missing workflow permissions

Co-authored-by: hsluoyz <3787410+hsluoyz@users.noreply.github.com>

Author: Copilot

.github/workflows/ci.yml

@@ -12,6 +12,8 @@ jobs:
   test:
     name: Test
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     strategy:
       matrix:
         go-version: ['1.23.0']
@@ -41,6 +43,8 @@ jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     strategy:
       matrix:
         go-version: ['1.23.0']
@@ -60,6 +64,10 @@ jobs:
   release:
     name: Release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
     needs: [test, build]
     if: github.event_name == 'push' && github.ref == 'refs/heads/master'