Update bundler-audit to 0.9.0.1

Problem to solve

bundler-audit 0.9.0.1 is available; we should consider upgrading our analyzer.

Proposal

Please carefully check how to update the upstream Scanner.

Or follow the default workflow:

  • review the changelog
  • update the pinned version (in the Dockerfile, script, or template; your mileage may vary)
  • make sure all tests pass

Testing

https://gitlab-org.gitlab.io/quality/ci/secure-test-project-orchestrator/ - Sort by bundler-audit; bundler-audit-dependency_scanning shows Custom CA and ruby-bundler

What does success look like, and how can we measure that?

Our feature is leveraging the latest version (0.9.0.1) of bundler-audit.

What is the type of buyer?

GitLab Ultimate

Links / references

Related to #325324 (closed).