Add a permissions block for generated workflows

Ensure that all workflows are able to write security events.

.github/workflows/__javascript-source-root.yml

@@ -26,6 +26,8 @@ jobs:
         version: [latest, cached, nightly-latest] # This feature is not compatible with old CLIs
         os: [ubuntu-latest]
     name: Custom source root
+    permissions:
+      security-events: write
     runs-on: ${{ matrix.os }}
     steps:
     - name: Check out repository