Create codeql.yml

[kwinto]

No description provided.

[Copilot]

Pull Request Overview

This PR adds a GitHub Actions workflow for CodeQL static analysis security scanning. The workflow is configured to analyze the repository for potential security vulnerabilities and code quality issues in Actions and JavaScript/TypeScript code.

Key changes:

• New CodeQL Advanced workflow that runs on push, pull requests to main, and weekly via cron schedule
• Configured to analyze both GitHub Actions workflows and JavaScript/TypeScript code
• Includes placeholder manual build steps that need customization if analyzing compiled languages

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[graymalkin77]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.