Ensure top-level permissions are not set to write-all

[buberdds]

Fix MegaLinter error. Currently CI is failing due to (default write-all?)

  	FAILED for resource: on(Mega-Linter)
  	File: /.github/workflows/mega-linter.yml:0-1
  Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
  	FAILED for resource: on(dump-validators)
  	File: /.github/workflows/dump-validators.yml:0-1
  Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
  	FAILED for resource: on(Build and test)
  	File: /.github/workflows/build-test.yaml:0-1```

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	3		0	0.12s
✅ EDITORCONFIG	editorconfig-checker	3		0	0.01s
✅ REPOSITORY	checkov	yes		no	14.51s
✅ REPOSITORY	git_diff	yes		no	0.0s
✅ YAML	prettier	3	0	0	0.62s
✅ YAML	v8r	3		0	2.95s
✅ YAML	yamllint	3		0	0.23s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Pages

Latest commit:	e43e764
Status:	✅  Deploy successful!
Preview URL:	https://e168cd38.oasis-wallet.pages.dev
Branch Preview URL:	https://mz-linterfix.oasis-wallet.pages.dev

View logs

[lukaw3d]

Ah, I was planning to add these at some point
dump-validators needs:

permissions: # Limit secrets.GITHUB_TOKEN permissions
  contents: write
  pull-requests: write

[lukaw3d]

I think megalinter currently needs:

permissions: # Limit secrets.GITHUB_TOKEN permissions
  contents: write
  pull-requests: write

unless we disable APPLY_FIXES

[buberdds]

do we need anything specific for build-test.yaml or {} is Ok ?

[lukaw3d]

Seems to work 👍
I'd add a comment that this disables all permissions - syntax isn't intuitive to me