Fix custom-module copies inheriting read-only permissions

[nurpax]

What does this PR do?

Fixes #45684.

shutil.copy is copyfile + copymode, so when source files are read-only (common with version-control systems like Perforce that check files out as r--r--r-- until edit), the destination inherits those permissions. This breaks post-save tooling that wants to rewrite the saved module file, and leaves users with read-only files in their saved-model directories.

The fix swaps shutil.copy for shutil.copyfile at all five call sites in dynamic_module_utils.py (one in custom_object_save, four in get_cached_module_file). copyfile copies file contents only; the destination, when newly created, gets standard umask-based permissions, which is what callers of save_pretrained expect.

A regression test is added to tests/utils/test_dynamic_module_utils.py: it makes a source module read-only, calls custom_object_save, and asserts the destination is writable. The test fails on main and passes with this fix.

Code Agent Policy

• I confirm that this is not a pure code agent PR.
  • AI was used for making the change, but I hand-edited, reviewed and added tests myself.

Before submitting

• This PR fixes a typo or improves the docs (you can dismiss the other checks if that's the case).
• Did you read the contributor guideline, Pull Request section? (I read and tried make style but it changes many files I did not touch and exits with errors)
• Was this discussed/approved via a Github issue or the forum? Please add a link to it if that's the case.
  • not discussed yet but issue is here: save_pretrained (with register_for_auto_class`) propagates read-only permissions from custom-model source files #45684
• Did you make sure to update the documentation with your changes? Here are the documentation guidelines, and here are tips on formatting docstrings.
  • I don't think this warrants a docs change
• Did you write any new necessary tests?
  • yes!

Who can review?

@Cyrilvallez (model loading)

[nurpax]

AI was used to author some of this code but I reviewed & hand-edited the contribution myself.

[Rocketknight1]

Looks good, but we can skip the test I think! The custom saving code doesn't get updated too often, so we should be fine without a regression test. Can you revert the test file and ping me to merge the fix?

[nurpax]

Thanks @Rocketknight1! I removed the test case in the latest commit version. The change should be ready to merge.

[Rocketknight1]

Yep, LGTM now. Thank you!

[HuggingFaceDocBuilderDev]

The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update.