Closed
Description
Adding minimum permissions to GitHub workflows is important to protect your repository against supply-chain attacks. GitHub, by default, gives higher permissions to workflows but recommends adjusting them to minimum permissions as necessary. I see rust.yml seems to be used for tests, and the tests don't need many permissions. contents: read permission would be enough to perform the actions/checkout and actions-rs/cargo. If you'd like, I can open a PR to make the changes!
Also, this is considered good practice and is recommended by security tools such as Scorecards and StepSecurity.
Additional Context
I'm Gabriela and I work on behalf of Google and the OpenSSF suggesting supply-chain security changes :)
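The change the issue proposes, as an added example that is not the project's own rust.yml (the repository's actual workflow is not shown here): a test workflow that uses the two actions named above, with the workflow-level permissions block set to contents: read. The workflow name, triggers, job layout, and action version tags are assumed.

```yaml
# Added example, not the project's rust.yml. Only the two actions named in the
# issue (actions/checkout, actions-rs/cargo) come from it; the job layout and
# version tags are assumed.
name: Rust

on:
  push:
  pull_request:

# Without a `permissions` key, the job's GITHUB_TOKEN receives the repository's
# default token permissions, which for many repositories is the permissive
# read/write set. Declaring `permissions` at the top level replaces that
# default for every job below: once any scope is listed, every unlisted scope
# is set to `none`, so this grants read access to repository contents and
# nothing else, which is all that checkout and a `cargo test` run need.
permissions:
  contents: read

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/cargo@v1
        with:
          command: test
```

If a single job later needs more (for example a release job that pushes a tag), give that job its own `permissions:` block rather than widening the workflow-level one; a job-level block overrides the top-level setting for that job only. Scorecards' Token-Permissions check and StepSecurity's recommendations both look for exactly this top-level read-only declaration.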