chore(security): bump merge-conflict labeler to v3.1.0 and default-deny perms

Pin eps1lon/actions-label-merge-conflict to v3.1.0 (0273be7) and add a
top-level permissions: {} so the workflow defaults to no permissions and the
job grants only contents:read and pull-requests:write.

.github/workflows/conflict.yml

@@ -12,6 +12,8 @@ on:
     branches: [develop]
     types: [synchronize]
 
+permissions: {}
+
 jobs:
   label:
     name: 🏷️ Labeling Merge Conflicts
@@ -22,7 +24,7 @@ jobs:
       pull-requests: write
     steps:
       - name: 🚩 Apply merge conflict label
-        uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
+        uses: eps1lon/actions-label-merge-conflict@0273be72a0bbd58fcd71d0d6c02c209b50d1e5e1 # v3.1.0
         with:
           dirtyLabel: '⚔️ merge-conflict'
           commentOnDirty: 'This pull request has merge conflicts. Please resolve the conflicts so the PR can be successfully reviewed and merged.'