ci: scope down GitHub Token permissions

[AdnaneKhan]

Scope Down GitHub Token Permissions

This PR updates GitHub Actions workflows to use minimal required permissions instead of the default elevated permissions.

Why This Matters

Following the principle of least privilege, workflows should only have the specific permissions they need to function.

Changes

This PR adds explicit permissions: blocks to workflows that currently rely on default permissions, scoping them down to only what's required for their operations.

Please review the changes to ensure the specified permissions match your workflow requirements.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.33%. Comparing base (68039fa) to head (4037c4a).
⚠️ Report is 334 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #9804      +/-   ##
===========================================
- Coverage    93.40%   93.33%   -0.07%     
===========================================
  Files          211      209       -2     
  Lines        17012    16807     -205     
===========================================
- Hits         15890    15687     -203     
+ Misses        1122     1120       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.