Potential fix for code scanning alert no. 1: Workflow does not contain permissions

[shamaton]

Potential fix for https://github.com/shamaton/msgpack/security/code-scanning/1

Add explicit permissions in .github/workflows/test.yml:

1. Workflow-level default: set permissions: { contents: read } near the top (after on), so all jobs get least-privilege read access by default.
2. Job-level override for lint: add permissions under jobs.lint with:
   • contents: read
   • pull-requests: write (needed for reviewdog with reporter: github-pr-review to post PR review comments)

This keeps existing behavior while constraining token access. No imports, methods, or external definitions are needed.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.57%. Comparing base (a605fc6) to head (9195204).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #75   +/-   ##
=======================================
  Coverage   95.57%   95.57%           
=======================================
  Files          73       73           
  Lines        6366     6366           
=======================================
  Hits         6084     6084           
  Misses        167      167           
  Partials      115      115           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.