fix(ci): Add explicit permissions to workflow jobs

- Add pull-requests: write permission to auto_assign job
- Add pull-requests: write permission to label_pr_on_title jobs
- Add issues: write permission to on_merged_pr job
- Add pull-requests: write permission to on_opened_pr jobs

These explicit permissions are required for GitHub Actions to modify
pull requests and issues when using fine-grained tokens or in
organizations with restricted default permissions.

Author: adrianjhunter

.github/workflows/auto_assign.yml

@@ -6,5 +6,7 @@ on:
 jobs:
   add-reviews:
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
       - uses: kentaro-m/auto-assign-action@v2.0.0

.github/workflows/label_pr_on_title.yml

@@ -20,6 +20,8 @@ jobs:
   label_pr:
     needs: get_pr_details
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
       - name: Checkout repository
         uses: actions/checkout@v6

.github/workflows/on_merged_pr.yml

@@ -19,6 +19,8 @@ jobs:
     needs: get_pr_details
     runs-on: ubuntu-latest
     if: needs.get_pr_details.outputs.prIsMerged == 'true'
+    permissions:
+      issues: write
     steps:
       - uses: actions/checkout@v6
       - name: "Label PR related issue for release"

.github/workflows/on_opened_pr.yml

@@ -18,6 +18,8 @@ jobs:
   check_related_issue:
     needs: get_pr_details
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
       - uses: actions/checkout@v6
       - name: "Ensure related issue is present"
@@ -35,6 +37,8 @@ jobs:
   check_acknowledge_section:
     needs: get_pr_details
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
       - uses: actions/checkout@v6
       - name: "Ensure acknowledgement section is present"