Add permissions for content access in workflows

This update adds the 'permissions' section to both validate.yml and
webpack.yml to ensure that the workflows have read access to the
repository contents.
This change is necessary to ensure top-level permissions are not set to
write-all.

Author: DigiLive

.codacy.yml

@@ -15,6 +15,9 @@ engines:
   # CSS & Web Standards
   stylelint:
     enabled: true
+    config:
+      rules:
+        function-allowwed-list: ["url", "var", "filter", "invert"]
 
   # Documentation & Config
   markdownlint:

.github/workflows/validate.yml

@@ -3,6 +3,10 @@ on:
   push:
     branches:
       - main
+
+permissions:
+  contents: read
+
 jobs:
   hacs:
     name: HACS Action

.github/workflows/webpack.yml

@@ -5,6 +5,9 @@ on:
     branches:
       - main
 
+permissions:
+  contents: read
+
 jobs:
   check-for-changes:
     name: Check for changes