Addressing workflow security warning

Author: merschformann

.github/workflows/go-lint.yml

@@ -3,6 +3,9 @@ on:
   push:
   pull_request:
     types: [opened, synchronize, reopened]
+permissions:
+  contents: read
+
 jobs:
   sdk-go-lint:
     runs-on: ubuntu-latest

.github/workflows/go-test.yml

@@ -3,6 +3,9 @@ on:
   push:
   pull_request:
     types: [opened, synchronize, reopened]
+permissions:
+  contents: read
+
 jobs:
   sdk-go-build-test:
     runs-on: ubuntu-latest

.github/workflows/json-lint.yml

@@ -3,6 +3,9 @@ on:
   push:
   pull_request:
     types: [opened, synchronize, reopened]
+permissions:
+  contents: read
+
 jobs:
   sdk-json-lint:
     runs-on: ubuntu-latest

.github/workflows/markdown-lint.yml

@@ -3,6 +3,9 @@ on:
   push:
   pull_request:
     types: [opened, synchronize, reopened]
+permissions:
+  contents: read
+
 jobs:
   sdk-markdown-lint:
     runs-on: ubuntu-latest

.github/workflows/release.yml

@@ -3,14 +3,13 @@ run-name: Release by @${{ github.actor }} from ${{ github.ref_name }}
 
 on: [push]
 
-permissions:
-  contents: write
-  pull-requests: write
-
 jobs:
   release:
     if: ${{ github.ref_type == 'branch' }}
     uses: nextmv-io/release/.github/workflows/release.yml@develop
+    permissions:
+      contents: write
+      pull-requests: write
     with:
       BRANCH: ${{ github.ref_name }}
       REPOSITORY: sdk
@@ -25,6 +24,8 @@ jobs:
     needs: [release]
     if: ${{ needs.release.outputs.RELEASE_NEEDED == 'true' && needs.release.outputs.SHOULD_NOTIFY_SLACK == 'true' }}
     uses: nextmv-io/release/.github/workflows/notify-slack.yml@develop
+    permissions:
+      contents: read
     with:
       PACKAGE_NAME: sdk
       VERSION: ${{ needs.release.outputs.VERSION }}