
Add daily security builds workflow for dependency auditing#9

Merged
MeridianAlgo-Developer merged 1 commit into main from claude/daily-security-builds-MtMfc on Mar 21, 2026

Conversation

@MeridianAlgo-Developer
Contributor

Summary

This PR introduces a comprehensive daily security builds workflow that automatically audits dependencies, enforces security policies, detects outdated packages, and updates lockfiles on a scheduled basis.

Key Changes

  • Security Audit Job: Runs cargo-audit daily to detect known CVEs from the RustSec advisory database, with JSON report artifacts and GitHub step summary output
  • Dependency Policy Enforcement: Implements cargo-deny checks for advisories, licenses, and banned dependencies with sensible defaults when no deny.toml exists
  • Outdated Dependencies Detection: Uses cargo-outdated to identify stale dependencies and generates reports for review
  • Automated Patch Updates: Automatically applies patch-level lockfile updates via cargo update, validates with audit and build checks, and commits changes to main branch
  • SARIF Security Reporting: Converts cargo-audit JSON output to SARIF format and uploads to GitHub Security tab for integrated vulnerability tracking

Implementation Details

  • Workflow runs on a daily schedule (04:00 UTC) with manual trigger support via workflow_dispatch
  • Patch update job depends on successful audit and deny checks to prevent pushing vulnerable updates
  • All audit and outdated reports are uploaded as artifacts with appropriate retention periods (90 days for audit, 30 days for outdated)
  • SARIF generation includes Python inline script to transform cargo-audit JSON into GitHub-compatible format with proper rule IDs, severity levels, and package metadata
  • Uses || true in audit steps to allow workflow continuation while still failing the final validation step if vulnerabilities exist

https://claude.ai/code/session_019JtRFKMry6YusXKfHAuv3R

- Runs every day at 04:00 UTC (plus manual trigger)
- cargo-audit: checks Cargo.lock against RustSec advisory DB
- cargo-deny: enforces license, ban, and advisory policies
- cargo-outdated: reports stale direct dependencies
- patch-update: runs cargo update, verifies audit still clean,
  builds workspace, then commits and pushes updated Cargo.lock
- SARIF upload: surfaces CVE findings in GitHub Security tab
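Worked example of the SARIF step the summary describes (cargo-audit JSON to a SARIF 2.1.0 log that GitHub's code-scanning upload accepts), added here as an illustration; it is not the PR's own inline script. The cargo-audit JSON field names it reads (`vulnerabilities.list[].advisory.{id,title,description,aliases,url,cvss}`, `.package.{name,version}`, `.versions.patched`) are assumed from cargo-audit's `--json` output, the sample document is constructed with placeholder advisory IDs, and severity is derived by computing the CVSS v3.1 base score from the advisory's vector string and writing it to the rule's `security-severity` property, which GitHub uses to bucket findings into low/medium/high/critical. An advisory with no CVSS vector still produces a result, just without a numeric severity.

```python
"""cargo-audit JSON -> SARIF 2.1.0 (added example, not the workflow's own script).

Assumptions: cargo-audit's --json layout as named in the lead-in; the sample
document below is constructed and its RUSTSEC-0000-* IDs are placeholders.
"""
import json
import math

# CVSS v3.1 base-metric weights from the CVSS v3.1 specification.
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20}
_AC = {"L": 0.77, "H": 0.44}
_PR_UNCHANGED = {"N": 0.85, "L": 0.62, "H": 0.27}
_PR_CHANGED = {"N": 0.85, "L": 0.68, "H": 0.50}
_UI = {"N": 0.85, "R": 0.62}
_CIA = {"H": 0.56, "L": 0.22, "N": 0.0}


def _roundup(x):
    """CVSS v3.1 Roundup: smallest one-decimal value >= x, computed in integers."""
    i = round(x * 100000)
    if i % 10000 == 0:
        return i / 100000.0
    return (math.floor(i / 10000) + 1) / 10.0


def cvss31_base_score(vector):
    """Base score for a 'CVSS:3.x/...' vector string, or None if it cannot be parsed."""
    metrics = {}
    for part in vector.split("/")[1:]:
        key, _, value = part.partition(":")
        metrics[key] = value
    try:
        changed = metrics["S"] == "C"
        pr = (_PR_CHANGED if changed else _PR_UNCHANGED)[metrics["PR"]]
        iss = 1 - (1 - _CIA[metrics["C"]]) * (1 - _CIA[metrics["I"]]) * (1 - _CIA[metrics["A"]])
        exploitability = 8.22 * _AV[metrics["AV"]] * _AC[metrics["AC"]] * pr * _UI[metrics["UI"]]
    except KeyError:
        return None
    if changed:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    if impact <= 0:
        return 0.0
    total = impact + exploitability
    return _roundup(min(1.08 * total if changed else total, 10))


def sarif_level(score):
    """SARIF result level from a numeric score; no score means we cannot rank it."""
    if score is None:
        return "warning"
    return "error" if score >= 7.0 else "warning" if score >= 4.0 else "note"


def audit_to_sarif(audit, lockfile="Cargo.lock"):
    """Build a SARIF log (one rule per advisory, one result per affected package)."""
    rules, results = {}, []
    for vuln in audit.get("vulnerabilities", {}).get("list", []):
        adv, pkg = vuln["advisory"], vuln["package"]
        score = cvss31_base_score(adv["cvss"]) if adv.get("cvss") else None
        rule = {
            "id": adv["id"],
            "shortDescription": {"text": adv["title"]},
            "fullDescription": {"text": adv.get("description") or adv["title"]},
            "helpUri": adv.get("url") or f"https://rustsec.org/advisories/{adv['id']}.html",
            "properties": {"tags": ["security"], "aliases": adv.get("aliases", [])},
        }
        if score is not None:
            rule["properties"]["security-severity"] = f"{score:.1f}"
        rules[adv["id"]] = rule
        patched = ", ".join(vuln.get("versions", {}).get("patched", [])) or "none"
        results.append({
            "ruleId": adv["id"],
            "level": sarif_level(score),
            "message": {"text": f"{pkg['name']} {pkg['version']}: {adv['title']} (patched: {patched})"},
            # cargo-audit reports against the lockfile, so that is the only location we can name.
            "locations": [{"physicalLocation": {"artifactLocation": {"uri": lockfile}}}],
        })
    return {
        "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
        "version": "2.1.0",
        "runs": [{"tool": {"driver": {"name": "cargo-audit", "rules": list(rules.values())}},
                  "results": results}],
    }


# Constructed sample in the assumed cargo-audit --json shape; IDs are placeholders.
SAMPLE_AUDIT = {"vulnerabilities": {"found": True, "count": 2, "list": [
    {"advisory": {"id": "RUSTSEC-0000-0001", "package": "example-crate",
                  "title": "Constructed: out-of-bounds read in decoder",
                  "description": "Constructed sample advisory.", "aliases": [], "url": None,
                  "cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},
     "versions": {"patched": [">=0.2.1"], "unaffected": []},
     "package": {"name": "example-crate", "version": "0.2.0"}},
    {"advisory": {"id": "RUSTSEC-0000-0002", "package": "other-crate",
                  "title": "Constructed: unbounded allocation", "description": "",
                  "aliases": [], "url": None, "cvss": None},
     "versions": {"patched": [], "unaffected": []},
     "package": {"name": "other-crate", "version": "1.4.2"}},
]}}

if __name__ == "__main__":
    import sys
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_AUDIT
    print(json.dumps(audit_to_sarif(doc), indent=2))
```

Run it as `python3 audit_to_sarif.py audit.json > results.sarif` on the report the audit step writes and hand the file to the SARIF upload action. The `|| true` on the audit step matters for this pipeline: cargo-audit exits non-zero when it finds vulnerabilities, so without it the JSON report would never reach the converter and the Security tab would stay empty on exactly the runs that matter.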
MeridianAlgo-Developer merged commit 43e99b6 into main on Mar 21, 2026
1 check failed
MeridianAlgo-Developer deleted the claude/daily-security-builds-MtMfc branch on March 21, 2026 at 01:54