Port SAST orchestration engine to Dependency Scanning

#5232 (closed) introduced a new orchestrator, letting the users provide their own Docker images. As most of the work is common between SAST and Dependency Scanning, we can share a large portion of the code. The differences between the 2 final executables:

• List of images
• Schema of reported issues is not the same (to be confirmed)

TODO

• Extract generic code from SAST. Move it to a sub-directory within the same project.
• Move this generic code to the common lib. Tag a new version of common and make SAST depend on it.
• Rewrite Dependency Scanning using the common lib. Test resulting code with a simple/dummy analyzer/plugin.
• Port existing plugins and turn them into new projects in the analyzers sub-group:
  • retire
  • bundle-audit
  • gemnasium
  • gemnasium-python
  • gemnasium-maven
  • npm-audit
• Perform full E2E integration tests using test projects
• Update Release Process
• Update GitLab documentation (not needed)