Potential fix for code scanning alert no. 28: Workflow does not contain permissions

[VaradaNambiar]

Potential fix for https://github.com/arup-group/github-action-benchmark/security/code-scanning/28

To fix the flagged issue, add an explicit permissions block to the pytest-benchmark job definition, ensuring it only requests the minimum required privileges. As all visible steps in the job perform local computation or actions requiring only repository read access (like checking out repositories, running benchmarks/tests, reading/writing local files), setting contents: read meets CodeQL’s recommended minimal permissions and aligns with the principle of least privilege. No other edits are needed anywhere else in the file. You should insert the permission block (indented two spaces) directly above the runs-on line (ubuntu-latest) inside the job definition.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.14%. Comparing base (a2d5f32) to head (e03a3cb).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master      #17   +/-   ##
=======================================
  Coverage   89.14%   89.14%           
=======================================
  Files          16       16           
  Lines         949      949           
  Branches      200      200           
=======================================
  Hits          846      846           
- Misses         99      103    +4     
+ Partials        4        0    -4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.