Command optimization now writes SAST report to current working directory

Summary

When using an analyzer that uses the latest version of command, that analyzer will write the gl-sast-report.json to the current working directory.

I expect that a report should be written to the target directory that has been set via flags or ci env vars.

Steps to reproduce

Use registry.gitlab.com/gitlab-org/security-products/analyzers/semgrep:2.13.5 to reproduce in a shell.

Possible fixes

It looks to me like artifactPath is just the name here: https://gitlab.com/gitlab-org/security-products/analyzers/command/-/blob/main/run.go#L189