Improve workflow permissions

Since our project has been created before February 2023, we have the
more permissive permission `write-all` set for the `GITHUB_TOKEN` used
by the workflow. Therefore, to apply the principle of least privilege,
we now explicitly specify the permisisons needed for each workflow.

In addition, I've applied the same styling format for all current
workflows for consistency.

Author: edif2008

.github/workflows/pr-check-signed-commits.yml

@@ -1,12 +1,14 @@
 name: Check signed commits in PR
+
 on: pull_request_target
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   build:
     name: Check signed commits in PR
-    permissions:
-      contents: read
-      pull-requests: write
     runs-on: ubuntu-latest
     steps:
       - name: Check signed commits in PR

.github/workflows/release-pr.yml

@@ -1,8 +1,12 @@
+name: Open Release PR for review
+
 on:
   create:
     branches:
 
-name: Open Release PR for review
+permissions:
+  contents: read
+  pull-requests: write
 
 jobs:
   # This job is necessary because GitHub does not (yet) support

.github/workflows/release.yml

@@ -5,6 +5,9 @@ on:
     branches: main
     types: closed
 
+permissions:
+  contents: write
+
 jobs:
   release:
     runs-on: ubuntu-latest

.github/workflows/test.yml

@@ -1,11 +1,13 @@
 name: Tests
-permissions:
-  contents: read
+
 on:
   push:
     branches: main
   pull_request:
 
+permissions:
+  contents: read
+
 jobs:
   test:
     name: Test