Potential fix for code scanning alert no. 4: Workflow does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Author: gms1

.github/workflows/ci.yml

@@ -7,6 +7,8 @@ on:
       - main
     tags:
       - '*'
+permissions:
+  contents: read
 env:
   FORCE_COLOR: 1
 jobs:
@@ -54,6 +56,8 @@ jobs:
         run: yarn lint
 
   build:
+    permissions:
+      contents: write
     needs: [verify-version, lint]
     runs-on: ${{ matrix.os }}
     strategy:
@@ -166,6 +170,8 @@ jobs:
         if: matrix.node == 24 && startsWith(github.ref, 'refs/tags/')
 
   build-musl:
+    permissions:
+      contents: write
     needs: [verify-version]
     if: github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/tags/')
     strategy: