Requirement: Static source code analysis daily or per commit

Original discussion: https://github.com/nodejs/security-wg/pull/954/files#r1167970826 @mhdawson @tniessen 

> It is SUGGESTED that static source code analysis occur on every commit or at least daily.

Currently this requirement is UNMET