
feat: add trivy and custom security checks #193

Merged (1 commit), Sep 26, 2024

Conversation

vishutyagi0210
Contributor

Implement Trivy security scans and npm outdated check in CI/CD workflow

Issue Number: Fixes #123

Description of Changes
This pull request implements the following improvements to our CI/CD workflow:

  • Added Trivy vulnerability scan for the filesystem
  • Implemented Trivy secret scan for the filesystem
  • Added npm outdated package check
  • Generated and uploaded a combined security report

Example report
trivy-V-and-S-Scan-report.md

These changes enhance our security posture by automatically scanning for vulnerabilities and secrets in our codebase, as well as identifying outdated npm packages that may need updating.

Additional Notes

  • The Trivy scans are configured to run on every pull request (opened, reopened, or synchronized).
  • The combined report is uploaded as an artifact for easy review.
  • No new dependencies were added to the project for these scans.

🛠️ Type of Change

  • 🐛 Bug fix
  • ✨ New feature
  • 🚨 Breaking change
  • 📚 Documentation update

✅ Checklist

To ensure a smooth review process, please check off each item as you complete it:

  • Code Style: My code adheres to the project’s style guidelines.
  • Self-Review: I have reviewed my own code and made improvements.
  • Comments: I’ve added comments to explain complex or non-obvious parts of the code.
  • Documentation: I’ve updated the documentation to reflect my changes.
  • Warnings: My changes introduce no new warnings.
  • Tests: I’ve added tests to verify that my changes work as expected.
  • Passes Locally: All new and existing unit tests pass on my local machine.
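The workflow the PR description lists (Trivy vulnerability scan, Trivy secret scan, npm outdated check, one combined report uploaded as an artifact, triggered on opened/reopened/synchronized pull requests) can be expressed as a single GitHub Actions job. The following is an added illustration written for this page, not the workflow file from the PR itself; the job name, report file names, Node version and the pinned Trivy release are assumptions.

```yaml
# Added example: a GitHub Actions workflow matching the checks described in the PR.
# Not the project's own file. Names, paths and the Trivy version pin are assumed.
name: security-checks

on:
  pull_request:
    types: [opened, reopened, synchronize]

permissions:
  contents: read   # least privilege: the job only reads the repository

jobs:
  trivy-and-npm-outdated:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20   # assumed; match the project's engines field

      # Install the Trivy CLI with the upstream install script.
      # The release tag is an assumption; pin to whichever version you have vetted.
      - name: Install Trivy
        run: |
          curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \
            | sh -s -- -b /usr/local/bin v0.55.2
          trivy --version

      # Vulnerability scan of the checked-out filesystem (lockfiles, manifests).
      # --exit-code 0 keeps the job alive so the combined report is always produced;
      # raise it to 1 if findings should block the merge.
      - name: Trivy vulnerability scan
        run: trivy fs --scanners vuln --format table --exit-code 0 --output trivy-vuln.txt .

      # Secret scan of the same tree: hard-coded tokens, keys and passwords.
      - name: Trivy secret scan
        run: trivy fs --scanners secret --format table --exit-code 0 --output trivy-secrets.txt .

      # npm outdated exits non-zero whenever something is outdated, so swallow
      # that status and let the report carry the information instead.
      - name: npm outdated check
        run: npm outdated --long > npm-outdated.txt || true

      # Stitch the three plain-text results into one Markdown report.
      - name: Build combined report
        run: |
          {
            echo "# Security report for ${GITHUB_SHA}"
            echo
            echo "## Trivy vulnerability scan"
            echo
            cat trivy-vuln.txt
            echo
            echo "## Trivy secret scan"
            echo
            cat trivy-secrets.txt
            echo
            echo "## npm outdated packages"
            echo
            cat npm-outdated.txt
          } > trivy-V-and-S-Scan-report.md

      - name: Upload combined report
        uses: actions/upload-artifact@v4
        with:
          name: trivy-V-and-S-Scan-report
          path: trivy-V-and-S-Scan-report.md
```

Two design points a reviewer would look for: the job runs with `contents: read` only, since nothing here needs to write to the repository, and the Trivy binary is pinned to a specific release rather than "latest" so scan results are reproducible across runs. If the secret scan should be a hard gate, give that step `--exit-code 1` while leaving the report steps as they are.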

@vishutyagi0210
Contributor Author

Hi @cb7chaitanya,

Let me know if you need more details on what I’ve done so far. For additional context, here’s an article I wrote on Medium that explains why Trivy is a smart choice for security scanning.
link: https://medium.com/@vt3630/trivy-the-smart-choice-for-security-scanning-when-and-why-b985a1302720

@cb7chaitanya
Collaborator

Super cool @vishutyagi0210

@cb7chaitanya cb7chaitanya merged commit c383c23 into code100x:dev Sep 26, 2024
2 checks passed
Development

Successfully merging this pull request may close these issues.

feature: Improve CI/CD workflows