Add Gemnasium dependency check to SAST
Description
Gemnasium has great, fast vulnerability checking for dependencies for several languages. We should add it to our SAST.
Proposal
The first iteration will include improvements to the current gl-sast tool in order to:
- add dependency checks for PHP projects
- add dependency checks for Python projects
- add better dependency checks for JavaScript and Ruby
It will not remove any of the current features, and will manage to normalize results to avoid duplicates created by similar tools.
Edited by Fabio Busatto