Feat/add codeql

[dgtlctzn]

Adding CodeQL as a data source in Vulnbot so we can have slack alerts reflect these vulnerabilities.

GitHub's graphql endpoints do not give access to query code scanning alerts by org so I had to use the V3 REST API via the go-github package. The existing GH token should be sufficient for auth purposes. I updated the go version to use the latest version of this package.

[codecov]

Codecov Report

❌ Patch coverage is 47.94521% with 38 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.61%. Comparing base (67054bd) to head (5a95fda).

Files with missing lines	Patch %	Lines
querying/codeql.go	50.00%	29 Missing and 6 partials ⚠️
internal/datasources.go	0.00%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #98      +/-   ##
==========================================
- Coverage   76.92%   74.61%   -2.31%     
==========================================
  Files          15       16       +1     
  Lines         845      918      +73     
==========================================
+ Hits          650      685      +35     
- Misses        182      214      +32     
- Partials       13       19       +6     

Flag	Coverage Δ
unittests	74.61% <47.94%> (-2.31%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[joeyviolacode]

Nothing glaringly weird, though my go isn't super sharp.