list individual permissions under job instead

Author: temenuzhka-thede

.github/workflows/scorecard.yml

@@ -7,8 +7,6 @@ on:
   push:
     branches: ["main"]
 
-permissions: read-all
-
 jobs:
   analysis:
     name: Scorecard analysis
@@ -20,8 +18,17 @@ jobs:
       security-events: write
       # Needed to publish results and get a badge (see publish_results below).
       id-token: write
-      contents: read
       actions: read
+      attestations: read
+      checks: read
+      contents: read
+      deployments: read
+      issues: read
+      discussions: read
+      packages: read
+      pages: read
+      pull-requests: read
+      statuses: read
 
     steps:
       - name: "Checkout code"