fix: add security-events write permission to CodeQL workflow

This adds the 'security-events: write' permission to allow the CodeQL Action
to access Code Scanning API endpoints and opt into experimental features.
Resolves the 'Resource not accessible by integration' warning.

Author: metcalfc

.github/workflows/codeql-analysis.yml

@@ -1,6 +1,7 @@
 name: 'Code Scanning - Action'
 permissions:
   contents: read
+  security-events: write
 
 on:
   push: