Add CodeQL for GitHub code scanning (#1548)

* Create codeql.yml

* Addressing codeql findings

test/jsonchecks/jsonschema.py

@@ -11,7 +11,6 @@ instance under a schema, and will create a validator for you.
 
 from __future__ import division, unicode_literals
 
-import collections
 import contextlib
 import datetime
 import itertools
@@ -474,10 +473,10 @@ class _Draft34CommonMixin(object):
                     yield error
             else:
                 dependencies = _list(dependency)
-                for dependency in dependencies:
-                    if dependency not in instance:
+                for depend in dependencies:
+                    if depend not in instance:
                         yield ValidationError(
-                            "%r is a dependency of %r" % (dependency, property)
+                            "%r is a dependency of %r" % (depend, property)
                         )
 
     def validate_enum(self, enums, instance, schema):
@@ -512,10 +511,10 @@ class Draft3Validator(ValidatorMixin, _Draft34CommonMixin, object):
             elif self.is_type(type, "string"):
                 if self.is_type(instance, type):
                     return
-        else:
-            yield ValidationError(
-                _types_msg(instance, types), context=all_errors,
-            )
+            else:
+                yield ValidationError(
+                    _types_msg(instance, types), context=all_errors,
+                )
 
     def validate_properties(self, properties, instance, schema):
         if not self.is_type(instance, "object"):
@@ -694,6 +693,7 @@ class Draft4Validator(ValidatorMixin, _Draft34CommonMixin, object):
                 yield error
 
     def validate_oneOf(self, oneOf, instance, schema):
+        first_valid = ""
         subschemas = enumerate(oneOf)
         all_errors = []
         for index, subschema in subschemas: