[WIP] Add and manage branch protection rules for main branch

[Copilot]

Thanks for asking me to work on this. I will get started on it and keep this PR's description up to date as I form a plan and make progress.

Original prompt

Add and manage branch protection rulesets for the main branch, including prevention of direct pushes, required linting and code scanning checks, and restrictions on outside contributors pushing directly.

Key requirements:

• Block direct pushes to the main branch (require pull requests instead)
• Require all linting checks (status: 'Lint') and code scanning checks (status: 'Code scanning results / CodeQL') to pass before merging PRs to main
• Only allow specific users (e.g., repository admins, Kushmanmb) to bypass protection when necessary
• Set up GitHub Actions workflow to enforce linting as a status check
• Provide configuration in .github/rulesets/main-protection.yml
• Document that code scanning workflows should be added via GitHub UI or with a CodeQL workflow

Deliverables:

1. A .github/rulesets/main-protection.yml file containing the appropriate ruleset as described
2. A .github/workflows/lint.yml workflow for performing linting using yarn lint
3. Instructions or comments about enabling GitHub code scanning with CodeQL from the repository interface

This pull request was created from Copilot chat.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.