Fix potential github action smells

[ceddy4395]

Hey! 🙂 I've made the following changes to your workflow:

• Avoid incorrectly indented workflows
  • Make sure that workflows are readable for other developers so that they can easily understand what the workflow is doing.
• Prevent running issue/PR actions on forks
  • Running workflows that modify issues on forks will fail because they do not have access to the issues on the original repository.
• Define permissions for workflows with external actions
  • Permissions should be used when running actions written by other developers because there may be security leaks exposed through these actions.
• Use commit hash instead of tags for action versions
  • When using a tag as version, the code related to the tag can be changed after the tag is created, whereas when using the commit hash this cannot. Therefore, for consistency and security a commit hash should be used.

(These changes are part of a research Study at TU Delft looking at GitHub Action Smells. Find out more)

[vercel[bot]]

@ceddy4395 is attempting to deploy a commit to the NextChat Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions[bot]]

Your build has completed!

[Preview deployment]()