ci: declare explicit token permissions in reusable workflows

[Rohan5commit]

Summary

• add explicit permissions to reusable CI workflows used by Node CI and nightly CI
• set contents: read for cache/test reusable workflows that only need checkout access
• set contents: read and pull-requests: write for pkg-pr-new so publish comment behavior remains intact

Why

Several workflows relied on implicit default GITHUB_TOKEN scopes. Declaring explicit least-privilege permissions makes required access clear and avoids overbroad defaults.

Validation

• reviewed each workflow for required token usage
• confirmed no job steps requiring broader repository write permissions

[netlify]

✅ Deploy Preview for jestjs ready!

Built without sensitive environment variables

Name	Link
🔨 Latest commit	1e452c2
🔍 Latest deploy log	https://app.netlify.com/projects/jestjs/deploys/699a7101f3e1840008293824
😎 Deploy Preview	https://deploy-preview-15965--jestjs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[linux-foundation-easycla]

• ❌ - login: @rohan436 / name: rohan436 . The commit (1e452c2) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.

[pkg-pr-new]

Open in StackBlitz

babel-jest

npm i https://pkg.pr.new/babel-jest@15965

babel-plugin-jest-hoist

npm i https://pkg.pr.new/babel-plugin-jest-hoist@15965

babel-preset-jest

npm i https://pkg.pr.new/babel-preset-jest@15965

create-jest

npm i https://pkg.pr.new/create-jest@15965

@jest/diff-sequences

npm i https://pkg.pr.new/@jest/diff-sequences@15965

expect

npm i https://pkg.pr.new/expect@15965

@jest/expect-utils

npm i https://pkg.pr.new/@jest/expect-utils@15965

jest

npm i https://pkg.pr.new/jest@15965

jest-changed-files

npm i https://pkg.pr.new/jest-changed-files@15965

jest-circus

npm i https://pkg.pr.new/jest-circus@15965

jest-cli

npm i https://pkg.pr.new/jest-cli@15965

jest-config

npm i https://pkg.pr.new/jest-config@15965

@jest/console

npm i https://pkg.pr.new/@jest/console@15965

@jest/core

npm i https://pkg.pr.new/@jest/core@15965

@jest/create-cache-key-function

npm i https://pkg.pr.new/@jest/create-cache-key-function@15965

jest-diff

npm i https://pkg.pr.new/jest-diff@15965

jest-docblock

npm i https://pkg.pr.new/jest-docblock@15965

jest-each

npm i https://pkg.pr.new/jest-each@15965

@jest/environment

npm i https://pkg.pr.new/@jest/environment@15965

jest-environment-jsdom

npm i https://pkg.pr.new/jest-environment-jsdom@15965

@jest/environment-jsdom-abstract

npm i https://pkg.pr.new/@jest/environment-jsdom-abstract@15965

jest-environment-node

npm i https://pkg.pr.new/jest-environment-node@15965

@jest/expect

npm i https://pkg.pr.new/@jest/expect@15965

@jest/fake-timers

npm i https://pkg.pr.new/@jest/fake-timers@15965

@jest/get-type

npm i https://pkg.pr.new/@jest/get-type@15965

@jest/globals

npm i https://pkg.pr.new/@jest/globals@15965

jest-haste-map

npm i https://pkg.pr.new/jest-haste-map@15965

jest-jasmine2

npm i https://pkg.pr.new/jest-jasmine2@15965

jest-leak-detector

npm i https://pkg.pr.new/jest-leak-detector@15965

jest-matcher-utils

npm i https://pkg.pr.new/jest-matcher-utils@15965

jest-message-util

npm i https://pkg.pr.new/jest-message-util@15965

jest-mock

npm i https://pkg.pr.new/jest-mock@15965

@jest/pattern

npm i https://pkg.pr.new/@jest/pattern@15965

jest-phabricator

npm i https://pkg.pr.new/jest-phabricator@15965

jest-regex-util

npm i https://pkg.pr.new/jest-regex-util@15965

@jest/reporters

npm i https://pkg.pr.new/@jest/reporters@15965

jest-resolve

npm i https://pkg.pr.new/jest-resolve@15965

jest-resolve-dependencies

npm i https://pkg.pr.new/jest-resolve-dependencies@15965

jest-runner

npm i https://pkg.pr.new/jest-runner@15965

jest-runtime

npm i https://pkg.pr.new/jest-runtime@15965

@jest/schemas

npm i https://pkg.pr.new/@jest/schemas@15965

jest-snapshot

npm i https://pkg.pr.new/jest-snapshot@15965

@jest/snapshot-utils

npm i https://pkg.pr.new/@jest/snapshot-utils@15965

@jest/source-map

npm i https://pkg.pr.new/@jest/source-map@15965

@jest/test-result

npm i https://pkg.pr.new/@jest/test-result@15965

@jest/test-sequencer

npm i https://pkg.pr.new/@jest/test-sequencer@15965

@jest/transform

npm i https://pkg.pr.new/@jest/transform@15965

@jest/types

npm i https://pkg.pr.new/@jest/types@15965

jest-util

npm i https://pkg.pr.new/jest-util@15965

jest-validate

npm i https://pkg.pr.new/jest-validate@15965

jest-watcher

npm i https://pkg.pr.new/jest-watcher@15965

jest-worker

npm i https://pkg.pr.new/jest-worker@15965

pretty-format

npm i https://pkg.pr.new/pretty-format@15965

commit: 1e452c2