
Commit b4e5caa

Potential fix for code scanning alert no. 11: Workflow does not contain permissions (#207)
Potential fix for [https://github.com/erickisos/simple-serverless-project/security/code-scanning/11](https://github.com/erickisos/simple-serverless-project/security/code-scanning/11)

In general, this issue is fixed by explicitly defining a `permissions` block for the workflow or for each job, restricting the `GITHUB_TOKEN` to the minimal scopes needed. For a typical CI workflow that only checks out code and runs lint/tests, `contents: read` at the workflow root is usually sufficient, and no write permissions are necessary.

For this specific workflow (`.github/workflows/code-quality.yml`), neither the `lint` nor the `test` job performs any write operations against the repository or GitHub resources; they just read the code and run tools locally. Therefore, the single best fix is to add a workflow-level `permissions` block right after the `name:` declaration, setting `contents: read`. This will apply to both jobs without any further changes and will not alter existing functionality, since all current steps only require read access to repository contents.

Concretely:

- Edit `.github/workflows/code-quality.yml`.
- Insert:

  ```yaml
  permissions:
    contents: read
  ```

  after line 1 (`name: Code Quality Checks`) and before the `on:` block.
- No additional imports, methods, or definitions are needed because this is purely a YAML workflow configuration change.

_Suggested fixes powered by Copilot Autofix. Review carefully before merging._

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
1 parent 8f189e3 commit b4e5caa

1 file changed

Lines changed: 3 additions & 0 deletions

.github/workflows/code-quality.yml

@@ -1,5 +1,8 @@
11
name: Code Quality Checks
22

3+
permissions:
4+
contents: read
5+
36
on:
47
push:
58
branches-ignore:
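Review bot: Worth confirming that no step in `lint` or `test` writes back through `GITHUB_TOKEN` (check-run annotations, PR comments, release uploads), because a top-level `permissions:` block sets every scope it does not list to none; with only `contents: read` declared here, any such call would start failing with a 403 after this change. If one job later needs a write scope, give that job its own job-level `permissions:` block rather than widening this workflow-level one, since a job-level block replaces the workflow-level block entirely instead of merging with it.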
