Fix codescan alerts for GitHub permission in workflow

[VaradaNambiar]

Previous fix of adding permissions on the root of jobs was inefficient because there were some jobs that didn't need pull-request: write permission. So in this PR I have removed those lines and

1. Identified the jobs in ci-results-repo.yml that codescan alerted as github permission not specified.
2. Applied permissions suggested by copilot to only those jobs

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.14%. Comparing base (cbdf1f9) to head (54348cb).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master      #18   +/-   ##
=======================================
  Coverage   89.14%   89.14%           
=======================================
  Files          16       16           
  Lines         949      949           
  Branches      199      199           
=======================================
  Hits          846      846           
  Misses        103      103           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.