16dff4fdd1
* no need to run CodeQL on Dependabit PRs; no related files are changed there * specify permissions * enable `security-and-quality` rules instead of the default rules * ignore `vendor` folders Signed-off-by: XhmikosR <xhmikosr@gmail.com>