Specify explicit contents: read workflow permissions

Three CI workflows that need only `contents: read` permissions and
no other permissions did not have explicit permissions set, and
would therefore be given permissions configured for the repository.

It is recommended to set explicit workflow permissions. This does
so, bringing those workflows inline with `pythonpackage.yml` (which
had this), and closing three `actions/missing-workflow-permissions`
CodeQL alerts (new since #2032 enabled scanning of GHA workflows).

See also:
https://codeql.github.com/codeql-query-help/actions/actions-missing-workflow-permissions/

Author: EliahKagan

.github/workflows/alpine-test.yml

@@ -2,6 +2,9 @@ name: test-alpine
 
 on: [push, pull_request, workflow_dispatch]
 
+permissions:
+  contents: read
+
 jobs:
   test:
     runs-on: ubuntu-latest

.github/workflows/cygwin-test.yml

@@ -2,6 +2,9 @@ name: test-cygwin
 
 on: [push, pull_request, workflow_dispatch]
 
+permissions:
+  contents: read
+
 jobs:
   test:
     runs-on: windows-latest

.github/workflows/lint.yml

@@ -2,6 +2,9 @@ name: Lint
 
 on: [push, pull_request, workflow_dispatch]
 
+permissions:
+  contents: read
+
 jobs:
   lint:
     runs-on: ubuntu-latest