Add Dependabot and CodeQL

[aleks-ivanov]

trafficstars

• Dependabot alerts on updates for your dependencies, so you can spend less time updating dependencies and more time building. This also includes Dependabot features focused on automated security updates in which update packages that have known vulnerabilities.

• CodeQL is free research and open source tool for discovering vulnerabilities across a codebase. CodeQL lets you query code as though it were data. This issue proposes to run standard CodeQL queries for this repo and thus implement continuous security analysis.

Built with ❤ by Pipeline Foundation.