ci: enable CodeQL SAST scanning for automated security analysis

ci: enable CodeQL SAST scanning for automated security analysis #11586