Set up CodeQL

[jakebailey]

Meant to do this when copying stuff over from the main repo.

Uses the config from microsoft/TypeScript#60828 but ignoring the TS submodule and all testdata files.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[jakebailey]

Quite a few things caught by CodeQL above, all to do with conversions in the evaluator where I actually think they're not "wrong" given JS's own truncation, but may mean we need to include some sort of explicit truncation or rounding to be clear about what we're doing for these JS evaluations.

[jakebailey]

All of the flagged stuff is valid, but mainly because it's showing that our handling of JS integers is wrong; I'll come up with a different PR with some tests which can better handle this.

[jakebailey]

With the new jsnum package, there's only one conversion complaint (the fast path), which I have silenced as it's intentional and its result is checked.