Fix CodeQL check name mismatch blocking Dependabot and future PRs

[Copilot]

Description

The codeql.yml job used a matrix strategy with language: ['csharp']. GitHub Actions appends matrix values to job names, registering the check as "Security Scan (CodeQL) (csharp)" instead of the "Security Scan (CodeQL)" required by the branch protection ruleset. This caused every PR to be permanently blocked by branch protection even when all jobs passed and approvals were present.

Change:

• Removed strategy.matrix from codeql.yml — only one language was ever in the matrix, so no functionality is lost
• Hardcoded csharp directly in the init and analyze steps
• Check run is now registered as exactly "Security Scan (CodeQL)", matching the branch protection requirement

# Before — matrix appends "(csharp)", creating name mismatch
strategy:
  matrix:
    language: [ 'csharp' ]
...
  uses: github/codeql-action/init@v3
  with:
    languages: ${{ matrix.language }}

# After — check name matches branch protection exactly
  uses: github/codeql-action/init@v3
  with:
    languages: csharp

Type of change

• Bug fix

How Has This Been Tested?

• CI will re-run CodeQL on the Dependabot branch after this sub-PR merges; the check should register as "Security Scan (CodeQL)" and unblock PR Bump the dotnet-dependencies group with 1 update #67

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

Screenshots (if applicable)

Additional context

Discovered while investigating why PR #67 (Dependabot bump of Meziantou.Analyzer) remained mergeable_state: blocked despite all CI jobs succeeding and code owner approval being present. The mismatch affects any PR in this repository until fixed on main.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Copilot]

Pull request overview

This PR fixes a GitHub Actions check name mismatch that was blocking all PRs (including Dependabot PR #67) from merging. When a matrix strategy with a single language was used, GitHub Actions appended (csharp) to the job name, registering the check as "Security Scan (CodeQL) (csharp)" instead of the exact string "Security Scan (CodeQL)" required by the branch protection ruleset.

Changes:

• Removed the single-language strategy.matrix block from the analyze job in codeql.yml
• Hardcoded csharp directly in the init and analyze action with: blocks
• Removed the now-redundant build-mode: none parameter and trailing whitespace as part of cleanup