Static reachability offline support

Problem description

Currently Static Reachability requires an internet connection because the SCA-to-sarif-matcher download the pypi-metadata.

Proposal and Implementation plan

Integrate SCA-to-sarif-matcher in the DS analyzer code.
Add pypi-metadata as part of the DS analyzer image
~~Add a release job that can run on a scheduled pipeline once per week to rebuild the image and update the latest release. We want to do that in order have the most up-to-date pypi-metadata.~~
Update template
Update DS component
Update SCA-to-sarif-matcher documentation that is moved in DS
Update public facing docs

Edited Jun 02, 2025 by Nick Ilieskou