fix(workflow): remove unnecessary permissions

Author: stefaniuk

.github/workflows/cicd-2-publish.yaml

@@ -13,7 +13,6 @@ permissions:
   contents: write
   issues: write
   packages: write
-  pull-requests: write # optional
   id-token: write
   attestations: write
 

README.md

@@ -126,7 +126,6 @@ Follow these steps to create and configure a minimal‑permission GitHub App tha
      - Repository permissions:
        - _Contents: Read & write_, needed to create tags and commit `VERSION`
        - _Issues: Read & write_, enables adding release notes comments
-       - _Pull Requests: Read & write_, allows future Pull Request automation and is optional
        - All other repository permissions: No access
      - _Organization permissions: None required_
      - _Account permissions: None required_
@@ -339,7 +338,6 @@ Other semver-valid formats such as `1.2.3+api` or `api_v1.2.3` were evaluated, b
 - Use `${{ github.token }}` instead of the legacy `${{ secrets.GITHUB_TOKEN }}`, the former is guaranteed to exist in all workflow contexts and is the modern standard
 - In _repository → Settings → Actions → General_, ensure the following are configured:
   - _Read repository contents and packages permissions_ under _Workflow permissions_
-  - _Allow GitHub Actions to create and approve pull requests_ is optional
 
 This _"flat registry with tagged components"_ model scales cleanly across repositories while remaining compliant with GitHub's authentication and namespace rules. It also provides a consistent, human-readable way to publish and manage multiple container images under one project.