Create codeql-analysis.yml

[JoshHiles]

Description

Adding codeql scanning for 3.0.0 branch

Related Issue

Closes #138

Motivation and Context

Currently no static code analysis, adding codeql scanning will advise us on any potential problems

Types of changes

• [ ] Bug fix (non-breaking change which fixes an issue)
• [x] New feature (non-breaking change which adds functionality)
• [ ] Breaking change (fix or feature that would cause existing functionality to change)
• [ ] Documentation

Checklist:

• [x] I have read the CONTRIBUTING document.
• [x] I have checked to ensure there aren't other open PULL REQUESTS for the same update/change.
• [x] My code follows the code style of this project.
• [ ] I have updated the documentation accordingly where applicable.
• [ ] I have added tests to cover my changes.
• [ ] All new and existing tests passed.
• [ ] Coverage is 100% for new code.

[M-Zuber]

If I understand the error correctly, the issue is that the project file needs to be updated? I think it would be okay to have that change as part of this PR.

If that is not the issue, then I am unsure how would be best to proceed

[JoshHiles]

@M-Zuber All fixed now, the autobuild doesnt support .net 6 yet so had to manually setup dotnet 6 and build the project that way and if you have a look here https://github.com/scientistproject/Scientist.net/security/code-scanning we get a nice 'latest scan' section too

[M-Zuber]

lets do this.gif