Add third party tools to Github Code Scanning

[scruti]

Trello card URL

• https://trello.com/c/lNb22HyK

Changes in this PR:

Add third-party tools integration with Github Code Scanning:

• Brakeman
• Google Open Source Vulnerabilities Scanner
• Codacy Static Analysis tools

Screenshots of UI changes:

Before

After

Checklists:

Data & Schema Changes

If this PR modifies data structures or validations, check the following:

• Adds/removes model validations
• Adds/removes database fields
• Modifies Vacancy enumerables (phases, working patterns, job roles, key stages, etc.)

If any of the above options has changed then the author must check/resolve all of the following...

Integration Impact

Does this change affect any of these integrations?

• DfE Analytics platform
• Legacy imports mappings
• DWP Find a Job export mappings
• Publisher ATS API (may require mapping updates or API versioning)

User Experience & Data Integrity

Could this change impact:

• Existing subscription alerts (will legacy subscription search filters break?)
• Legacy vacancy copying (will copied vacancies fail new validations?)
• In-progress drafts for Vacancies or Job Applications

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.