github: narrow perms in dependabot workflow

The dependabot workflow already specifies the exact permissions it needs within
the workflow steps, so there's no need to enable any default permissions.

Found by `zizmor`.

Signed-off-by: Austin Seipp <aseipp@pobox.com>

.github/workflows/dependabot.yml

@@ -8,7 +8,7 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
-permissions: read-all
+permissions: {}
 
 jobs:
   dependabot-auto-merge: