Merge pull request #3 from seemueller-io/1-fix-code-scanning-alert-workflow-does-not-contain-permissions

Set read permissions for workflows in tests and publish

.github/workflows/publish.yml

@@ -6,6 +6,9 @@ on:
 
 jobs:
   publish:
+    permissions:
+      contents: read
+      pull-requests: read
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

.github/workflows/tests.yml

@@ -9,6 +9,9 @@ on:
 
 jobs:
   tests:
+    permissions:
+      contents: read
+      pull-requests: read
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4