Add zizmor GitHub Actions workflow for CI security analysis

[jonathan343]

Overview

This PR adds a zizmor GitHub Actions workflow to scan this repository's workflows for common security issues.

zizmor is a static analysis tool for GitHub Actions. It helps detect insecure workflow patterns such as overly broad permissions, unsafe triggers, and unpinned or risky action usage.

References

Quote from PyPI blog:

"If you are using GitHub Actions as your continuous deployment provider, we highly recommend the tool "Zizmor" for detecting and fixing insecure workflows."

• Zizmor

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[github-advanced-security]

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

• The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
• Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
• You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.