
Potential fix for code scanning alert no. 56: Workflow does not contain permissions #630

Merged
andykenward merged 1 commit into main from alert-autofix-56
Sep 18, 2025

@andykenward

Owner

Potential fix for https://github.com/andykenward/github-actions-cloudflare-pages/security/code-scanning/56

The workflow should explicitly restrict the GITHUB_TOKEN permission using the permissions key.
The most secure and descriptive location is at the root of the workflow YAML file, directly after the name: or on: section. For a typical test/lint workflow as shown, contents: read is usually sufficient.
To fix, insert:

permissions:
  contents: read

at the root level (after the name: or on: key), applying to all jobs unless overridden. No changes are required within the jobs: block or individual steps. No extra methods, imports, or definitions are needed.


Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@changeset-bot

changeset-bot Bot commented Sep 18, 2025


⚠️ No Changeset found

Latest commit: 1bdf5ff

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

andykenward marked this pull request as ready for review September 18, 2025 17:38
andykenward merged commit 1774495 into main Sep 18, 2025
7 checks passed
andykenward deleted the alert-autofix-56 branch September 18, 2025 17:38