I propose adding Microsoft Security DevOps (MSDO) Github action to webhint pipelines.

MSDO is a tool aggregator that runs multiple static analysis tools against a code base identifying anti-patterns and known vulnerabilities (similar to webhint). We would benefit most from MSDO's ESlint SDL.

Adding MSDO would help secure webhint and webhint consumers.

Implemented in: #5177

There is a blocking bug upstream preventing this issue from moving forward: microsoft/security-devops-action#21