Fix security scanning workflow failures on scheduled runs

[Copilot]

The security scanning workflow was failing on scheduled runs and direct pushes to main because TruffleHog's base/head parameters resolved to the same commit, and CodeQL attempted to analyze non-existent JavaScript/Python source files in this documentation-only repository.

Changes

• TruffleHog: Removed base and head parameters to scan entire repository on all events
• CodeQL: Removed JavaScript/Python analysis jobs (no source code to scan)
• README: Updated to reflect current scanning capabilities

# Before: Failed when base == head
- name: TruffleHog OSS
  uses: trufflesecurity/trufflehog@main
  with:
    path: ./
    base: ${{ github.event.repository.default_branch }}
    head: HEAD

# After: Scans full repo on all events
- name: TruffleHog OSS
  uses: trufflesecurity/trufflehog@main
  with:
    path: ./
    extra_args: --only-verified

Workflow now runs: secret scanning (all events) + dependency review (PRs only).

Original prompt

help fix this issue

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.