Enable Dependabot & CodeQL

Author: jwinskye

.github/dependabot.yml

@@ -1,20 +1,17 @@
 version: 2
 
 updates:
-  # Python dependencies (pip)
   - package-ecosystem: "pip"
     directory: "/"                  
     schedule:
       interval: "weekly"
     open-pull-requests-limit: 10
     rebase-strategy: "auto"
-    # Group minor/patch updates to reduce PR noise (Dependabot grouping)
     groups:
       pip-minor-and-patch:
         patterns: ["*"]
         update-types: ["minor", "patch"]
 
-  # GitHub Actions workflow dependencies
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

.github/workflows/codeql.yml

@@ -24,28 +24,13 @@ jobs:
 
     steps:
       - name: Checkout repository
-      # v4 of checkout is recommended
         uses: actions/checkout@v4
-
-      # Optional but helpful: ensures a Python is available if your repo has build steps
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.x"
-
-      # Optional: install deps so CodeQL can better understand imports (won't fail if file is missing)
-      - name: Install dependencies (optional)
-        run: |
-          if [ -f requirements.txt ]; then
-            pip install -r requirements.txt
-          fi
-
+     
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
 
-      # For Python, autobuild is generally no-op, but keep it for consistency
       - name: Autobuild
         uses: github/codeql-action/autobuild@v3