Integrate malware detection directly into GitLab

Like any large SaaS site that allows users to upload content, a tiny proportion of our users will take advantage of our service to upload malware to our servers.

I'll leave it up to the security team to decide whether they want to publicly discuss our current methods for detecting and removing this malware, but it's safe to say that it's a fairly reactive process right now: we detect and remove the malware after it's been uploaded.

It would be great if we could detect and prevent malware when it's uploaded, and reject it immediately.

It's likely that users and customers would also be interested in this too, if we were to package it was a feature.

It may be possible to hook something like ClamAV into the artifact repository and also scan git content on push, then reject anything that appears to be malware.

cc @plafoucriere @rostrander @wvandenberg @kathyw @bikebilly