Potential fix for code scanning alert no. 11: Workflow does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Author: mmilian

.github/workflows/build.yml

@@ -13,6 +13,8 @@ jobs:
     # Only run this job when *not* publishing a tag
     if: startsWith(github.ref, 'refs/tags/') != true
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
 
     steps:
       - name: Checkout source code
@@ -31,6 +33,9 @@ jobs:
   security:
     if: startsWith(github.ref, 'refs/tags/') != true
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
     steps:
       - uses: actions/checkout@v4
       - name: Run Snyk to check for vulnerabilities