Add the Scorecard Action

[pnacht]

Fixes #7625.

As discussed in the linked issue, this PR adds the Scorecard Action to monitor the project's supply-chain security posture.

I've also taken the liberty of adding an optional badge to the README showing the project's mind-blowing 8.5/10 score (top 0.1%!): .

If you'd rather I remove the badge, let me know and I'll happily drop it.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (a57ad01) 99.54% compared to head (6f210db) 99.63%.
Report is 12 commits behind head on 3.x.

Additional details and impacted files

@@             Coverage Diff              @@
##                3.x    #7626      +/-   ##
============================================
+ Coverage     99.54%   99.63%   +0.08%     
- Complexity     6801     6802       +1     
============================================
  Files           752      752              
  Lines         47706    47707       +1     
  Branches       6401     6401              
============================================
+ Hits          47490    47532      +42     
+ Misses          103       79      -24     
+ Partials        113       96      -17     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.