Re If you'd like to find out more about GitHub code scanning and CodeQL, here's how you can enable it on your own repositories! It's free for public repos.
https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning

https://twitter.com/github/status/1423425883872759810