Bump security report schema revision version
What does this MR do?
Background
This library is used by GitLab security analyzers to generate reports for ingestion by GitLab. Read more about how this works.
Last year, the report schema version in this library was mistakenly bumped from 15.1.4 to 15.2.0. Because the CI template is configured to always use the latest version within a major version series (e.g., if configured for v5, it will pull the latest 5.x.x release like 5.4.1), some analyzers using this updated library started generating reports with the 15.2.0 schema. However, GitLab versions 17.0–17.4 did not yet support 15.2.0, so reports failed validation and were not ingested.
Current state
In GitLab 18.0, analyzer major versions have been bumped, so we can safely update this library to use the 15.2.x schema without breaking ingestion for most analyzers. However, the SpotBugs analyzer major version was not bumped, which means there’s still a risk it could pull in this change and cause ingestion failures.
To make this risk explicit, I am bumping the major version of this library.
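As an added example (not this library's or the CI template's own code), the Go program below models the failure mode described above: a template pinned to a major series resolves to the newest matching release, and ingestion succeeds only if the schema that release emits is one the receiving GitLab accepts. The release and schema numbers in it are constructed assumptions, not real release history.

```go
package main

import "fmt"

// Version is a major.minor.patch semantic version stored as [major, minor, patch].
type Version [3]int

// Less orders versions numerically, so 5.4.1 sorts before 5.10.0.
func (v Version) Less(o Version) bool {
	for i := range v {
		if v[i] != o[i] {
			return v[i] < o[i]
		}
	}
	return false
}

// Release pairs a library version with the report schema version it emits.
type Release struct{ Lib, Schema Version }

// Resolve mimics a CI template pinned to a major series: it picks the newest
// release whose major matches (found is false if none does) and reports whether
// the schema that release emits is one the ingesting GitLab accepts.
func Resolve(major int, releases []Release, accepted []Version) (best Release, found, ingestible bool) {
	for _, r := range releases {
		if r.Lib[0] == major && (!found || best.Lib.Less(r.Lib)) {
			best, found = r, true
		}
	}
	for _, a := range accepted {
		ingestible = ingestible || (found && a == best.Schema)
	}
	return best, found, ingestible
}

// Constructed sample (hypothetical numbers, not real release history): GitLab accepts
// only schema 15.1.4; release 5.4.1 bumps the schema to 15.2.0 inside the 5.x series,
// while release 6.0.0 makes the same bump behind a new major version.
var (
	Accepted    = []Version{{15, 1, 4}}
	BumpedMinor = []Release{{Version{5, 3, 0}, Version{15, 1, 4}}, {Version{5, 4, 1}, Version{15, 2, 0}}}
	BumpedMajor = []Release{{Version{5, 3, 0}, Version{15, 1, 4}}, {Version{6, 0, 0}, Version{15, 2, 0}}}
)

func main() {
	for name, rel := range map[string][]Release{"minor bump": BumpedMinor, "major bump": BumpedMajor} {
		r, _, ok := Resolve(5, rel, Accepted)
		fmt.Printf("%-10s: a v5 pin resolves to %v emitting schema %v, ingestible=%t\n", name, r.Lib, r.Schema, ok)
	}
}
```

With the minor bump, the v5 pin silently picks up 5.4.1 and its unaccepted schema; with the major bump, it stays on 5.3.0 and the new schema only reaches analyzers that opt into v6.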
What are the relevant issue numbers?
New REVISION of the security report schema prev... (gitlab-org/gitlab#497405 - closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Ensure the report version matches the equivalent schema version
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer