chore(ci): implement code scanning (#26)

## Summary

Adds PR vulnerability and license scanning, and master build release
creation & SBOM generation.

## Detail

## Testing

## Documentation

---

**Requested Reviewers:** @mention

Author: jscaltreto

.github/workflows/ci.yml

@@ -1,6 +1,8 @@
 name: Continuous Integration
 on:
   pull_request:
+  push:
+    branches: [master]
 jobs:
   test:
     name: 'Test'
@@ -25,3 +27,13 @@ jobs:
 
       - name: Run Tests
         run: yarn test:unit:ci
+
+  scan:
+    needs: test
+    if: github.event_name == 'pull_request'
+    uses: circlefin/circle-public-github-workflows/.github/workflows/pr-scan.yaml@v1
+
+  release-sbom:
+    needs: test
+    if: github.event_name == 'push'
+    uses: circlefin/circle-public-github-workflows/.github/workflows/attach-release-assets.yaml@v1