CII-Best-Practices for Nodejs: Entry level (#954)

* feat: copied passing criterial Questions and Answers

* fix: updated link

See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034

* docs: static source code analysis is a met criteria

As discussed in nodejs/security-wg#985

* Update tools/ossf_best_practices/passing_criteria.md

* Update tools/ossf_best_practices/passing_criteria.md

* Update tools/ossf_best_practices/passing_criteria.md

* Update tools/ossf_best_practices/passing_criteria.md

Co-authored-by: Tobias Nießen <tniessen@tnie.de>

* Update tools/ossf_best_practices/passing_criteria.md

Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com>

* Update tools/ossf_best_practices/passing_criteria.md

Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>

* Update tools/ossf_best_practices/passing_criteria.md

---------

Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com>
Co-authored-by: Tobias Nießen <tniessen@tnie.de>
Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>