Set required permissions for the SDK size and DB entities checks

[gpunto]

Goal

SDK size & DB entities checks need write permissions for writing comments, so we're adding the relevant permission block. Up until now, this didn't cause problems because the token we're using has those permissions, but that doesn't work for Dependabot PRs. They receive a read-only token unless we declare permissions, which is why the corresponding failures in #6394.

Implementation

Add the permissions block

Testing

After merging this PR, we should update dependabot's PR and verify that the SDK size check succeeds

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions workflow permissions to explicitly define authorization scopes for continuous integration checks and SDK size verification tasks.

[github-actions]

PR checklist ✅

All required conditions are satisfied:

• Title length is OK (or ignored by label).
• At least one pr: label exists.
• Sections ### Goal, ### Implementation, and ### Testing are filled.

🎉 Great job! This PR is ready for review.

[github-actions]

DB Entities have been updated. Do we need to upgrade DB Version?
Modified Entities :

.github/workflows/check-entities.yml

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 9b6042af-95c4-4902-b1fc-7de537185002

📥 Commits

Reviewing files that changed from the base of the PR and between d76ee9f and 890f721.

📒 Files selected for processing (2)

• .github/workflows/check-entities.yml
• .github/workflows/sdk-size-checks.yml

---

Walkthrough

Two GitHub Actions workflows now explicitly declare permissions for the default token, specifying read access to repository contents and write access to pull requests and issues, rather than relying on implicit defaults.

Changes

Cohort / File(s)	Summary
Workflow Permissions .github/workflows/check-entities.yml, .github/workflows/sdk-size-checks.yml	Added explicit top-level permissions declarations with contents: read, pull-requests: write, and issues: write scopes to both workflows.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 Permission slips in pockets snug,
No longer default's vague hug,
Token scopes declared with care,
Security whispered through the air!
Two workflows now stand proud and bright, ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the main change: adding required permissions to two GitHub Actions workflows for SDK size and DB entities checks.
Description check	✅ Passed	The description covers Goal and Implementation sections with clear rationale and context, but lacks Testing section details, UI Changes section (expected as not applicable), and contributor checklist completion.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sdk-size-checks-permissions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 7/8 reviews remaining, refill in 7 minutes and 30 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

SDK Size Comparison 📏

SDK	Before	After	Difference	Status
stream-chat-android-client	5.82 MB	5.82 MB	0.00 MB	🟢
stream-chat-android-ui-components	11.02 MB	11.02 MB	0.00 MB	🟢
stream-chat-android-compose	12.35 MB	12.35 MB	0.00 MB	🟢

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[stream-public-bot]

🚀 Available in v7.1.0