Extract directly to the toolcache by henrymercer · Pull Request #2631 · github/codeql-action

Adding the CodeQL Bundle to the toolcache seems to take a surprisingly long amount of time. We haven't collected large-scale telemetry yet, but here are some anecdotal numbers from looking at the logs on PR checks:

  • Linux: ~10–15 secs
  • macOS: ~15–20 secs
  • Windows: ~2 minutes (!)

Therefore, in this PR, we add a feature flag that extracts the CodeQL bundle directly to the toolcache, eliminating the copy-to-toolcache step completely.

I've tested the change by adding a PR check, temporarily modifying this to run 10 runs on each platform, and running this a bunch of times. Next steps are dogfooding this change internally using the feature flag.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.