Potential fix for code scanning alert no. 4: Workflow does not contain permissions

[VisualBean]

Potential fix for https://github.com/ByteBardOrg/AsyncAPI.NET/security/code-scanning/4

Add an explicit permissions block at the workflow level (right after on: block and before jobs:) to enforce least privilege for all jobs in this workflow.

Best minimal permissions for current behavior:

• contents: read (safe baseline, common for actions metadata/repo reads)
• pull-requests: write (required for creating/updating/deleting sticky PR comments)

This preserves existing functionality (linting PR title + posting/removing PR comment) while preventing broader default token scopes from being used.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b1e1f619-5da0-46c0-9aef-4410ba88930b

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch alert-autofix-4

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

We require all PRs to follow Conventional Commits specification.
More details 👇🏼

 No release type found in pull request title "Potential fix for code scanning alert no. 4: Workflow does not contain permissions". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

Available types:
 - feat: A new feature
 - fix: A bug fix
 - docs: Documentation only changes
 - style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
 - refactor: A code change that neither fixes a bug nor adds a feature
 - perf: A code change that improves performance
 - test: Adding missing tests or correcting existing tests
 - build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
 - ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
 - chore: Other changes that don't modify src or test files
 - revert: Reverts a previous commit