SASTBot: Monthly dependency updates for 17.9

What does this MR do?

• upgrade github.com/google/go-cmp version [v0.6.0 => v0.7.0]
• upgrade github.com/urfave/cli/v2 version [v2.27.5 => v2.27.6]
• upgrade gitlab.com/gitlab-org/security-products/analyzers/report/v5 version [v5.3.0 => v5.7.0]
• upgrade gitlab.com/gitlab-org/security-products/analyzers/ruleset/v3 version [v3.3.1 => v3.3.2]

Note that the version update for Kics from 2.1.3 to 2.1.5 has been removed due to a bug. More details in this comment and issue.

CHANGELOG is generated by SASTBot.

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer