Improve scorecard results

[ejratl]

The OpenSSF Scorecard project scans GitHub repos for secure practices. It has given this project a 4. See the attached JSON document for the full rationale. It would be nice to improve this score over time.

bquxjob_58fe6f0e_182c73e5b54.json.txt

Easy to fix items include

• Making sure that there is always a review of a PR before committing it
• Adding read only access control to GitHub workflow actions
• Work on a Best Practices Badge
• Publish a security policy