
chore(security scan): security scan #150

Merged
pkanoongo merged 3 commits into main from add-security-scan-workflow-1759949923 on Oct 14, 2025


@pkanoongo
Contributor

Security Workflow Addition

This PR adds a standardized security scanning workflow to the repository.

Changes

  • Added .github/workflows/security-scan.yaml workflow file
  • Configured to run on pull requests, pushes to main, and manual dispatch
  • Includes static analysis using Semgrep via open-turo/actions-security

Workflow Features

  • Triggers: Pull requests, pushes to main branch, manual dispatch
  • Permissions: Read contents, write PRs, write security events
  • Static Analysis: Uses Semgrep for code security scanning
  • Base Branch Checkout: Safely checks out the base branch for PR analysis

Security Benefits

  • Automated security scanning on all code changes
  • Integration with existing security tooling
  • Standardized security practices across the organization
  • Early detection of security issues before they reach production

What Gets Scanned

  • Code Security: SQL injection, XSS, authentication bypass, etc.
  • Secrets Detection: API keys, passwords, certificates
  • Vulnerability Detection: Known security issues in dependencies
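
As an added example (not code from this PR or repository), the Python script below audits a parsed workflow against the triggers and token permissions listed in the description above. The function names, the sample workflows and the use of PyYAML for loading a file are assumptions.

```python
# Added example, not the repository's code: audit a parsed workflow against
# the triggers and token scopes listed in the PR description.
EXPECTED_TRIGGERS = {"pull_request", "push", "workflow_dispatch"}
ALLOWED = {"contents": "read", "pull-requests": "write", "security-events": "write"}
RANK = {"none": 0, "read": 1, "write": 2}

def load_workflow(path):
    import yaml  # assumption: PyYAML is installed; imported only when loading a file
    with open(path, encoding="utf-8") as fh:
        return yaml.safe_load(fh)

def trigger_names(doc):
    # YAML 1.1 parsers such as PyYAML read the bare key `on` as boolean True.
    on = doc.get("on", doc.get(True))
    return {on} if isinstance(on, str) else set(on or [])

def audit(doc):
    findings = []
    triggers = trigger_names(doc)
    findings += [f"unexpected trigger: {t}" for t in sorted(triggers - EXPECTED_TRIGGERS)]
    findings += [f"missing trigger: {t}" for t in sorted(EXPECTED_TRIGGERS - triggers)]
    # Permissions may be declared for the whole workflow or per job.
    blocks = [("workflow", doc.get("permissions"))]
    blocks += [(f"job {name}", (job or {}).get("permissions"))
               for name, job in (doc.get("jobs") or {}).items()]
    declared = [(where, p) for where, p in blocks if p is not None]
    if not declared:
        findings.append("no permissions block: token uses the repository default")
    for where, perms in declared:
        if isinstance(perms, str):  # shorthand: read-all / write-all
            findings.append(f"{where}: blanket permissions '{perms}'")
            continue
        for scope, level in sorted(perms.items()):
            allowed = ALLOWED.get(scope, "none")
            if RANK.get(level, 2) > RANK[allowed]:
                findings.append(f"{where}: {scope}: {level} exceeds {allowed}")
    return findings

# Constructed samples, shaped like yaml.safe_load output (note the True key).
GOOD = {True: {"pull_request": None, "push": {"branches": ["main"]}, "workflow_dispatch": None},
        "permissions": {"contents": "read", "pull-requests": "write", "security-events": "write"},
        "jobs": {"scan": {"steps": []}}}
BAD = {"on": ["pull_request", "issue_comment"],
       "jobs": {"scan": {"permissions": "write-all"},
                "report": {"permissions": {"contents": "write", "id-token": "write"}}}}

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit(doc) or "ok")
```

To check a real file, pass the result of `load_workflow(".github/workflows/security-scan.yaml")` to `audit`.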

@pkanoongo pkanoongo marked this pull request as ready for review October 8, 2025 23:00
@pkanoongo pkanoongo requested a review from a team as a code owner October 8, 2025 23:00
@pkanoongo pkanoongo requested review from bilals12 and tagoro9 October 8, 2025 23:00
@github-actions

Release notes preview

No new release will be created.

If you are expecting a release, you will need to either fix a bug or add a feature.
Chores, CI, docs, refactoring, style and other changes will not trigger a release.

@pkanoongo pkanoongo enabled auto-merge (rebase) October 14, 2025 16:13
@pkanoongo pkanoongo merged commit 8165632 into main Oct 14, 2025
9 checks passed
@pkanoongo pkanoongo deleted the add-security-scan-workflow-1759949923 branch October 14, 2025 19:56
3 participants