Version 14 that we used before is now in maintenance mode, so we should
upgrade to the most recent LTS version.
Moreover, use the most recent `setup-node` workflow version and syntax;
see https://github.com/actions/setup-node#usage.
This command was added all the way back when basic CI-support was first introduced (using Travis at the time), however it's never really intended to be used e.g. for local development.
By having a `npm test`-command listed in the `package.json` file, there's a very real risk that someone unfamiliar with the code-base would only run that one and thus miss all the other (more important) test-suites[1].
Hence this patch which removes the `npm test`-command, and instead simply calls the relevant gulp-task[2] directly in the GitHub Actions configuration.
---
[1] Which consist of the unit-tests (run in browsers), the font-tests (potentially), the reference-tests, and the integration-tests.
[2] Which is also renamed slightly, to better fit its current usage.
This allows us to get the quality checks that LGTM does into GitHub
Advanced Security. Since it not only runs security checks anymore, the
workflow is also renamed to CodeQL to make this more explicit (and this
matches the documentation better).
This makes it consistent with the GitHub Advanced Security file and,
more importantly, ensures that all steps have a proper name for better
visibility.
