ci(workflows): add minimal permissions to coverage workflow

[JRocabruna]

Description

This pull request updates the security policy to enhance compliance with OpenSSF guidelines by adjusting permissions and access controls. These changes aim to improve the project's security posture and align with industry best practices.

• Related Issue:
  • Closes [SECURITY] - Apply Minimal Permissions to GitHub Actions Workflows Based on SSF Report #4
• Type of Change:
  • Bug fix (non-breaking change that fixes an issue)

Checklist

Please ensure the following guidelines are met:

• The code follows the style guidelines of this project.
• A self-review has been performed on the code.
• The code is well-documented, and comments have been added where necessary.
• Tests have been added to prove that the fix is effective or that the feature works. All existing tests pass.
• Commit messages follow the convention type(scope): description.
• The pull request has no conflicts with the base branch.
• Any dependent changes have been merged and published in downstream modules.

Additional Information

This update enhances the project's security by refining permissions in line with OpenSSF recommendations. No additional dependencies are introduced, and existing functionalities remain unaffected.

[DarkRockMountain-admin]

Comments

The addition of minimal permissions to the coverage workflow enhances the security of the CI pipeline. By specifying only the necessary permissions, this change aligns with the principle of least privilege, reducing potential security risks.

Review Checklist

• Code adheres to the project's coding guidelines.
• Changes are well-documented.
• Tests have been added/updated and pass successfully.
• Commit messages follow the correct format: type(scope): description.
• No conflicts with the base branch.

Approval

Approved: Changes look good and meet the project's contribution standards.