@UMEBOSHIISAN UMEBOSHIISAN commented Jul 4, 2025

Description

Add CodeQL GitHub Action to enable static code analysis for this repository.

Motivation

Improves security by enabling GitHub-native CodeQL scanning on every push or pull request.

Related Issues

N/A

@UMEBOSHIISAN UMEBOSHIISAN reopened this Jul 9, 2025
@UMEBOSHIISAN
Author

This pull request introduces a new CodeQL workflow configuration file to .github/workflows/codeql.yml. The file sets up advanced CodeQL analysis for Python and other supported languages, enabling automated security scanning and quality checks on code changes.

CodeQL Workflow Setup:

  • Added a new CodeQL workflow (.github/workflows/codeql.yml):
    • Configures CodeQL analysis for Python with build-mode: none and supports additional languages, including C/C++, Java/Kotlin, JavaScript/TypeScript, Ruby, Rust, Swift, and Actions.
    • Includes scheduled runs every Thursday at 23:23 UTC (cron: '23 23 * * 4') and triggers on push and pull_request events for the master branch.
    • Provides detailed comments and instructions for customizing the workflow, including adding setup steps, specifying custom queries, and handling manual build modes.

@UMEBOSHIISAN
Author

@binance-dev-team
Please review this PR when you have time. It adds basic CodeQL support for static analysis.
