Potential fix for code scanning alert no. 3: Workflow does not contain permissions

[kylecorry31]

Potential fix for https://github.com/kylecorry31/Trail-Sense/security/code-scanning/3

To fix this problem, an explicit permissions block needs to be added, containing only the minimum required privileges for this workflow. The job creates pull requests through the peter-evans/create-pull-request action, so it needs pull-requests: write permission. For most use cases, contents: read is also specified to maintain repository read access, but elevated permissions like contents: write are not required since all code changes are pushed through a PR, not directly to the default branch.

The best way to fix this is to add the following at the root (top-level) of the workflow YAML file (after the name and before on: block):

permissions:
  contents: read
  pull-requests: write

Alternatively, you can add it within the specific job, but top-level is preferred as it is more clear and applies to all jobs unless individually overridden.

File/line to change:
.github/workflows/contributors.yml, just after the name: Update Contributors line (before on:).

No new imports or methods are required for this change.

---

Suggested fixes powered by Copilot Autofix. Review carefully before merging.