ci: scope down GitHub Token permissions

[AdnaneKhan]

Scope Down GitHub Token Permissions

This PR updates GitHub Actions workflows to use minimal required permissions instead of the default elevated permissions.

Why This Matters

Following the principle of least privilege, workflows should only have the specific permissions they need to function.

Changes

This PR adds explicit permissions: blocks to workflows that currently rely on default permissions, scoping them down to only what's required for their operations.

Please review the changes to ensure the specified permissions match your workflow requirements.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 49.26%. Comparing base (436ebd3) to head (6e4f943).
⚠️ Report is 7 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop     #191      +/-   ##
===========================================
+ Coverage    48.31%   49.26%   +0.95%     
===========================================
  Files          248      248              
  Lines         8859     8917      +58     
  Branches       919      923       +4     
===========================================
+ Hits          4280     4393     +113     
+ Misses        4250     4188      -62     
- Partials       329      336       +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.