
Support flags --sast-excluded-paths and --ignored-dirs

LI Zhennan requested to merge nanmu42/flawfinder:feature/excluded-pathes into master

What does this MR do?

Hi, I am from Jihu Gitlab and this MR is part of our milestone task.

One of our clients is using flawfinder SAST and wants to exclude part of the source code (by directory paths or globs), as that part of the code is from a third party.

Python Flawfinder does not support excluding paths natively, so I mimic the excluding process in the wrapper. Given a list of file/directory paths and globs to exclude, the wrapper resolves the list of file/directory paths to scan and hands it to Python Flawfinder.

For example, let's say we have the following repo structure and our client wants to exclude the globs `**/bad,**/exclude-me.c,not-me`:

.
├── a
│   ├── a1
│   │   └── hello.c
│   ├── hello.c
│   └── utils.c
├── b
│   ├── b1
│   │   └── bad
│   │       └── utils.c
│   └── hello.c
├── c
│   ├── c1
│   │   ├── exclude-me.c
│   │   └── hello.c
│   └── utils.c
└── not-me
    └── hello.c

The wrapper resolves the file/directory list to `a b/hello.c c/c1/hello.c c/utils.c`, which is the shortest notation, and passes it to Python Flawfinder.

If a user does not use `--sast-excluded-paths` or `--ignored-dirs`, Python Flawfinder only sees `.` as the path to scan, which is the original behavior of the wrapper.
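The resolution rule described above, as an added example that is not the MR's wrapper code: the sample tree is reconstructed as a constructed in-memory file list, a directory is passed whole when nothing below it is excluded and split into its children otherwise, and `**` is handled by a small glob-to-regex helper written for this example (`glob_to_regex` and `resolve_scan_paths` are names chosen here, not the wrapper's).

```python
import re

# Constructed file list mirroring the repo tree in the MR description.
FILES = [
    "a/a1/hello.c", "a/hello.c", "a/utils.c",
    "b/b1/bad/utils.c", "b/hello.c",
    "c/c1/exclude-me.c", "c/c1/hello.c", "c/utils.c",
    "not-me/hello.c",
]


def glob_to_regex(pattern):
    """Compile a path glob: '**' spans whole segments, '*' and '?' stay inside
    one segment, and a matched directory also excludes everything under it."""
    segs = pattern.strip("/").split("/")
    pieces = []
    for i, seg in enumerate(segs):
        last = i == len(segs) - 1
        if seg == "**":
            pieces.append(".*" if last else "(?:[^/]+/)*")
        else:
            seg_re = re.escape(seg).replace(r"\*", "[^/]*").replace(r"\?", "[^/]")
            pieces.append(seg_re + ("" if last else "/"))
    return re.compile("^" + "".join(pieces) + "(?:/.*)?$")


def resolve_scan_paths(files, excluded_globs):
    """Shortest list of paths to hand to flawfinder; no exclusions -> ['.']."""
    file_set = set(files)
    patterns = [glob_to_regex(g) for g in excluded_globs]

    def excluded(path):
        return any(p.match(path) for p in patterns)

    def collapse(prefix):
        members = [f for f in files if not prefix or f.startswith(prefix + "/")]
        kept = [f for f in members if not excluded(f)]
        if not kept:                       # whole subtree excluded: emit nothing
            return []
        if len(kept) == len(members):      # nothing excluded: emit the directory itself
            return [prefix or "."]
        start = len(prefix) + 1 if prefix else 0
        result = []                        # mixed: descend into each child
        for child in sorted({f[start:].split("/", 1)[0] for f in members}):
            path = f"{prefix}/{child}" if prefix else child
            if path in file_set:
                if not excluded(path):
                    result.append(path)
            else:
                result.extend(collapse(path))
        return result

    return collapse("")
```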

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Edited by Lucas Charles
