Add SAST_EXCLUDED_PATHS, SAST_BANDIT_EXCLUDED_PATHS option

What does this MR do?

• Expose Bandit --exclude option as SAST_BANDIT_EXCLUDED_PATHS (filter on scan)
• Add SAST_EXCLUDED_PATHS option (upgrade to common@v2.3.0) (filter on report)
• Split severity and confidence (upgrade to common@v2.2.0

This depends on common!34 (merged)

TODO

• Revert to tagged version of common once common!34 (merged) is merged

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab-ee/issues/10030

Does this MR meet the acceptance criteria?

• Changelog entry added
• [-] Documentation created/updated for GitLab EE, if necessary
• [-] Documentation created/updated for this project, if necessary
• [-] Documentation reviewed by technical writer or follow-up review issue created
• [-] Tests added for this feature/bug
• Job definition updated, if necessary
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• [-] Security reports checked/validated by reviewer