Update security permissions for GitHub workflows (#252)

.github/workflows/build-publish.yml

@@ -18,6 +18,8 @@ on:
 jobs:
   build-wheels:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python

.github/workflows/build.yml

@@ -1,6 +1,9 @@
 name: build
 on: [pull_request, push]
 
+permissions:
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest

.github/workflows/pre-commit.yml

@@ -2,6 +2,10 @@
 # This GitHub Action assumes that the repo contains a valid .pre-commit-config.yaml file.
 name: pre-commit
 on: [pull_request, push]
+
+permissions:
+  contents: read
+
 jobs:
   pre-commit:
     runs-on: ubuntu-latest