Added semgrep code scanning (#33)

* add semgrep workflow

* test upload/download

* testing semgrep with manual installation

* revert to working YML

* display findings

* revert to working config

---------

Co-authored-by: Michael Long <mlongii@amazon.com>

.github/workflows/scan_repo_with_semgrep.yml

@@ -0,0 +1,20 @@
+name: Semgrep Scan
+
+on: [push]
+
+jobs:
+  semgrep:
+    runs-on: ubuntu-latest
+    container:
+      image: semgrep/semgrep
+
+    steps:
+      - name: Checkout this repository
+        uses: actions/checkout@v4
+
+      - name: semgrep scan
+        run: |
+            semgrep \
+              --sarif --output report.sarif \
+              --metrics=off \
+              --config="p/default"