Pin scanner version in security-code-scan analyzer
Problem to solve
Our security-code-scan analyzer installs the scanner's .NET package dynamically at runtime. By doing this we may download a newer major version of the scanner that could break compatibility with our analyzer.
We must install a specific version instead, and update it periodically.
Target audience
Developer, various Security roles.
Further details
Proposal
Update the analyzer to leverage the -v option to install a specific version.
What does success look like, and how can we measure that?
The same version of security-code-scan is installed until we bump it manually.
Links / references
Edited by Olivier Gonzalez
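One way to enforce the proposal and its success criterion, as an added example that is not the analyzer's own code. It assumes the `-v` option is the `--version` flag of `dotnet add package` and that the package id is `SecurityCodeScan`; the version `3.5.3`, the function names and the project file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the analyzer's code. Assumed: package id, pinned
# version and project file layout (all constructed for illustration).
SCS_PACKAGE="SecurityCodeScan"
SCS_VERSION="3.5.3"   # constructed pin; bumped manually

# Accept only one exact version: no wildcards (3.*), no ranges ([3.0,4.0)).
is_exact_version() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.]+)?$'
}

# Print the install command for package $1 at version $2; fail on a loose version.
install_command() {
    is_exact_version "$2" || { echo "refusing non-exact version: $2" >&2; return 1; }
    printf 'dotnet add package %s -v %s\n' "$1" "$2"
}

# Print the Version recorded for package $2 in project file $1 (empty if none).
recorded_version() {
    sed -n "s/.*<PackageReference[^>]*Include=\"$2\"[^>]*Version=\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# Succeed only if project file $1 records exactly version $3 for package $2.
check_pin() {
    got=$(recorded_version "$1" "$2")
    [ -n "$got" ] && [ "$got" = "$3" ] && is_exact_version "$got"
}

# Demo on a constructed project file fragment.
demo=$(mktemp)
printf '<ItemGroup>\n  <PackageReference Include="%s" Version="%s" />\n</ItemGroup>\n' \
    "$SCS_PACKAGE" "$SCS_VERSION" > "$demo"
install_command "$SCS_PACKAGE" "$SCS_VERSION"
check_pin "$demo" "$SCS_PACKAGE" "$SCS_VERSION" && echo "pin intact: $SCS_VERSION"
rm -f "$demo"
```

Running `check_pin` in CI after the install step makes an unintended version change fail the build instead of surfacing later as a scanner incompatibility.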