Add Pre-commit, gitleaks,codeql #14

	# Dependency Review - blocks PRs that introduce known-vulnerable dependencies
	name: Dependency Review

	on:
	pull_request:
	branches: [main]

	permissions:
	contents: read
	pull-requests: write

	jobs:
	dependency-review:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Dependency Review
	uses: actions/dependency-review-action@v4
	with:
	fail-on-severity: high
	comment-summary-in-pr: always
	deny-licenses: GPL-3.0-only, AGPL-3.0-only

Provide feedback