Potential fix for code scanning alert no. 2: Workflow does not contain permissions

[DmitriyMusatkin]

Potential fix for https://github.com/awslabs/aws-c-s3/security/code-scanning/2

To fix the issue, we need to add a permissions block to the workflow. Since the workflow only checks out sources and runs a linting script, it does not require write permissions. The minimal permissions required are contents: read. This block can be added at the root level of the workflow to apply to all jobs, or specifically to the clang-format job.

The best approach is to add the permissions block at the root level of the workflow for simplicity and clarity, as there is only one job in this workflow.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.75%. Comparing base (36e2c37) to head (275af2f).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #539      +/-   ##
==========================================
- Coverage   88.78%   88.75%   -0.03%     
==========================================
  Files          22       22              
  Lines        6722     6722              
==========================================
- Hits         5968     5966       -2     
- Misses        754      756       +2     

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.