fix(linter): set proper permissions for CodeQL job

Signed-off-by: Emilien Escalle <emilien.escalle@escemi.com>

Author: neilime

.github/workflows/__pull-request-ci.yml

@@ -6,6 +6,7 @@ on:
  branches: [main]
 
 permissions:
+ actions: read
  contents: read
  statuses: write
  security-events: write

.github/workflows/__shared-ci.yml

@@ -4,6 +4,7 @@ on:
  workflow_call:
 
 permissions:
+ actions: read
  contents: read
  statuses: write
  security-events: write

.github/workflows/linter.md

@@ -38,7 +38,9 @@ on:
 permissions:
  contents: read
  statuses: write
- security-events: write # If using CodeQL
+ # If using CodeQL
+ actions: read
+ security-events: write
 
 jobs:
  main:

.github/workflows/linter.yml

@@ -95,6 +95,7 @@ jobs:
  name: 🛡️ CodeQL Analysis
  permissions:
  contents: read
+ actions: read
  security-events: write
  runs-on: ${{ fromJson(inputs.runs-on) }}
  strategy: