fix(docker): grant security-events: write for Trivy SARIF upload

The 'Upload Trivy image scan results' step (codeql-action/upload-sarif)
needs security-events: write, which the workflow's permissions block lacked
('Resource not accessible by integration'). Add it.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Author: Patel230

.github/workflows/docker.yml

@@ -15,6 +15,7 @@ on:
 permissions:
   contents: read
   packages: write
+  security-events: write
 
 env:
   REGISTRY: ghcr.io