Fix minimum token permissions for workflows that perform git push operations

[Copilot]

This PR addresses the minimum token permissions requirement for GitHub workflows that perform git push operations.

Analysis

I analyzed all workflow files in .github/workflows/ to identify which ones perform git push operations and checked their current permissions:

1. create-or-update-release-pr.yml - ❌ Needed fix: Performs git push operations but only had contents: read
2. publish-to-npm.yml - ✅ OK: Uses --no-push flag, doesn't actually push to git
3. benchmark.yml - ✅ OK: Already has contents: write with proper comment
4. docs.yaml - ✅ OK: Already has contents: write with proper comment

Changes Made

Updated .github/workflows/create-or-update-release-pr.yml:

• Changed contents: read to contents: write # required for pushing changes

This workflow performs multiple git push operations:

• Direct git push origin main --force in the workflow steps
• git push --set-upstream $RELEASE_PR_REMOTE --force release/next-version through the npm script _github:update_release_branch

The fix is minimal - only one line changed in one file, with the required trailing comment as specified in the issue.

Fixes #48.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.