chore: update job permissions

Author: tsvetomir

.github/workflows/cd.yml

@@ -10,6 +10,12 @@ jobs:
   build:
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      id-token: write
+
     steps:
       - name: Check out branch
         uses: actions/checkout@v4
@@ -24,6 +30,9 @@ jobs:
       - name: Install modules
         run: npm ci --no-audit --ignore-scripts
 
+      - name: Verify the integrity of installed dependencies
+        run: npm audit signatures
+
       - name: Lint
         run: npm run lint
 

.github/workflows/ci.yml

@@ -9,6 +9,10 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+
     steps:
       - name: Check out repository
         uses: actions/checkout@v4