Potential fix for code scanning alert no. 1814: Workflow does not contain permissions

[ajay-dhangar]

Potential fix for https://github.com/codeharborhub/codeharborhub.github.io/security/code-scanning/1814

To fix this, explicitly declare minimal GITHUB_TOKEN permissions in the workflow. Since the job checks out the code and builds a Docker image locally, it only needs read access to the repository contents. We can add a top-level permissions block (applies to all jobs unless overridden) with contents: read. This does not change the functional behavior of the workflow but ensures the token cannot perform write operations.

Concretely, in .github/workflows/docker-image.yml, insert:

permissions:
  contents: read

right after the name: Docker Image CI line (line 1) and before the on: section (line 3). No additional imports or methods are needed; this is purely a YAML configuration change in the workflow file.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

[github-actions]

Great job, @ajay-dhangar! 🎉 Thank you for submitting your pull request to CodeHarborHub. We appreciate your contribution and enthusiasm! Our team will review it soon. If you have any questions or need further assistance, feel free to reach out. Thanks for contributing!

[deepsource-io]

Here's the code health analysis summary for commits 211c224..71f5f4e. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
JavaScript	✅ Success		View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[github-actions]

⚡️ Lighthouse Report for the Deploy Preview of this PR 🚀

🔗 Site: CodeHarborHub | Live Site

URL 🌐	Performance	Accessibility	Best Practices	SEO	📊
/	🔴 28	🟡 77	🟡 75	🟢 100	📄
/docs	🟡 51	🟡 89	🟡 75	🟢 100	📄
/courses	🟡 58	🟡 88	🟢 96	🟢 100	📄
/showcase	🟡 54	🟡 87	🟡 75	🟡 86	📄
/community	🟡 57	🟡 88	🟢 96	🟢 100	📄