
Replace LGTM with Github Actions #101

Merged: 3 commits merged into nasa:devel from workflow/gh-code-scan, Nov 7, 2022

Conversation

thomas-bc

Originating Project/Creator
Affected Component
Affected Architectures(s) GitHub Actions
Related Issue(s)
Has Unit Tests (y/n)
Builds Without Errors (y/n)
Unit Tests Pass (y/n)
Documentation Included (y/n)

Change Description

Adds a GitHub Actions workflow that runs the security-and-quality static code analysis in order to phase LGTM out.

Rationale

lgtm.com will be shut down at the end of the year.

Future Work

Remove the LGTM configuration files once we're ok with phasing it out.

Comments

Results should be viewable once the checks are done. It's currently running all queries from the security-and-quality suite, let me know if we want to filter some categories out.

LeStarch previously approved these changes Nov 7, 2022

@LeStarch LeStarch left a comment

The changes look good; however, we might fix the breakages. @thomas-bc do you want to do that in this PR, or a separate one?

@thomas-bc

I implemented the recommended way of dealing with the "Uncontrolled data used in path expression" alerts. Let me know what you think. It uses normpath() to normalize the path (i.e. resolve special instructions like ../ etc.) and checks that the requested resource is within logdir.

The two "Wrong number of arguments in a call" alerts seem to be expected in both cases, so we should probably dismiss those alerts. One has the LGTM suppression flag; the other one is a test case testing the raising of an exception.
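The normpath()-and-containment check described in the comment above, as an added example that is not the project's own code. `logdir`, the request paths and the function names are constructed for illustration; the unchecked variant shows the shape of code the "Uncontrolled data used in path expression" query flags.

```python
import os


def resolve_log_path_unchecked(logdir: str, requested: str) -> str:
    """'Before' shape that CodeQL flags: untrusted input flows straight into a path expression."""
    return os.path.join(logdir, requested)


def resolve_log_path(logdir: str, requested: str) -> str:
    """Hardened lookup: normalize first, then require the result to stay inside logdir.

    Raises ValueError when the normalized path escapes logdir (e.g. via '../' or an
    absolute path). Names and layout are assumptions for this example.
    """
    base = os.path.normpath(os.path.abspath(logdir))
    # normpath collapses '.', '..' and duplicate separators BEFORE the containment
    # check, so 'run1/../../etc/passwd' cannot slip through as a plausible child path.
    candidate = os.path.normpath(os.path.join(base, requested))
    # commonpath compares whole path components, so a sibling directory such as
    # '/var/logs_backup' is not mistaken for a child of '/var/logs' (a plain
    # startswith() prefix test would get that wrong).
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"requested resource escapes logdir: {requested!r}")
    return candidate


def is_within_logdir(logdir: str, requested: str) -> bool:
    """Convenience predicate around resolve_log_path for callers that prefer a bool."""
    try:
        resolve_log_path(logdir, requested)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample requests: the first is legitimate, the rest are traversal attempts.
    for req in ("run1/fprime.log", "../etc/passwd", "/etc/passwd", "run1/../../logs_backup/x"):
        print(f"{req!r:32} -> {'allowed' if is_within_logdir('/var/logs', req) else 'rejected'}")
```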

@LeStarch

LeStarch commented Nov 7, 2022

@thomas-bc looks good to me. Can we suppress-by-comment, or is there some other way to do it? Regardless, I agree with the proposed path forward.

@LeStarch LeStarch left a comment

@thomas-bc approved!

@LeStarch LeStarch merged commit 0128e9d into nasa:devel Nov 7, 2022
@thomas-bc thomas-bc deleted the workflow/gh-code-scan branch February 29, 2024 21:52