SASTBot: Monthly dependency updates for 15.6

What does this MR do?

Along with the SASTBot updates below, I've tweaked the Dockerfile to reduce the analyzer image size by almost half. This was done by:

• Using the php:alpine base image instead of composer:2.0, and copying only the composer binary that's needed to fetch dependencies. The binary is copied from the binary-only composer image that was released recently.
• Reducing the number of layers by consolidating some RUN commands into a single command.

---

• upgrade github.com/stretchr/testify version [v1.8.0 => v1.8.1]
• upgrade github.com/urfave/cli/v2 version [v2.19.2 => v2.23.5]
• upgrade gitlab.com/gitlab-org/security-products/analyzers/command version [v1.9.2 => v1.10.0]
• upgrade gitlab.com/gitlab-org/security-products/analyzers/report/v3 version [v3.15.2 => v3.16.0]

Note: Changelog is autogenerated by SASTBot.

What are the relevant issue numbers?

• 15.6 Planning - Static Analysis (gitlab-org/gitlab#377933 - closed)

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer