Remove unnecessary permissions from codeql.yml

This is another change back to the way we had it before, but the
removals are based specifically on the guidance in the default
workflow comments about why each permission was given by default.

Author: EliahKagan

.github/workflows/codeql.yml

@@ -27,16 +27,8 @@ jobs:
     # Consider using larger runners or machines with greater resources for possible analysis time improvements.
     runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
     permissions:
-      # required for all workflows
       security-events: write
 
-      # required to fetch internal or private CodeQL packs
-      packages: read
-
-      # only required for workflows in private repositories
-      actions: read
-      contents: read
-
     strategy:
       fail-fast: false
       matrix: