Update expectations to use more accurate gomod dependency generation

Adam Cohen requested to merge update-expectations into master

In Add golang builder to gemnasium and sbomgen-gol... (gitlab-org/security-products/analyzers/gemnasium!392 - merged) the logic for scanning go projects was changed to the following:

  1. The analyzer first invokes a builder and attempts to generate a build list (more accurate dependency reporting).
  2. If the build list fails, we fall back to parsing the go.sum file (less accurate dependency reporting, with possible false positives).

If this test project only had a go.sum file, we would automatically use option 2 above, and the expectations would remain the same. However, since this test project has a main.go and go.mod file, we're able to use the more accurate scan in option 1, which removes false positives, and therefore we currently have broken tests due to a mismatch in the expectations, as shown here.

In order to fix this, we have two options:

  1. Remove the main.go and go.mod files. This will then force the analyzer to parse the go.sum file, and the expectations will no longer need to be updated.

    This is difficult because if we remove the main.go file, the qa-gosec-sast job will fail because it requires a *.go file to exist.

  2. Update the expectations so they refer to the more accurate dependency scanning results obtained when we can generate a build list based on the main.go and go.mod files.

    This has the disadvantage of changing the test, since we're now checking the behaviour of the analyzer when generating a build list, whereas before, we were checking the behaviour of the analyzer when parsing the go.sum file. I believe this is an acceptable tradeoff, since the purpose of this test is a sanity check for the Dependency-Scanning.gitlab-ci.yml template, and the more thorough tests for go-modules are tested in the gemnasium integration tests.

This MR implements option 2 above: it updates the expectations.

Edited by Adam Cohen
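Added illustration of the accuracy difference the MR description relies on (this is example code written for this page, not code from the MR, the test project, or gemnasium). A go.sum file records every module version whose zip or go.mod the go command ever verified, including superseded versions and go.mod-only entries, whereas the build list from `go list -m all` names only the module versions actually selected for the build. The program below parses both formats and reports the go.sum entries that have no counterpart in the build list, which is where a go.sum-only scanner would report false positives. The module paths, versions and hashes are constructed sample data; the `go list -m all` layout assumed is one `path version` pair per line with the main module first and unversioned.

```go
package main

import (
	"bufio"
	"fmt"
	"sort"
	"strings"
)

// Module identifies one module version as reported by either source.
type Module struct {
	Path    string
	Version string
}

// ParseGoSum returns the distinct module versions named in a go.sum file.
// Each line is "path version h1:hash" or "path version/go.mod h1:hash"; the
// "/go.mod" suffix is stripped so both line kinds map to the same module version.
// Hashes are not verified here; only the identifiers matter for this comparison.
func ParseGoSum(content string) []Module {
	seen := map[Module]bool{}
	sc := bufio.NewScanner(strings.NewReader(content))
	for sc.Scan() {
		fields := strings.Fields(sc.Text())
		if len(fields) != 3 {
			continue // blank or malformed line
		}
		seen[Module{Path: fields[0], Version: strings.TrimSuffix(fields[1], "/go.mod")}] = true
	}
	return sortedModules(seen)
}

// ParseBuildList parses the output of `go list -m all` (assumed format: one
// "path version" pair per line). The main module line carries no version and is skipped.
func ParseBuildList(content string) []Module {
	seen := map[Module]bool{}
	sc := bufio.NewScanner(strings.NewReader(content))
	for sc.Scan() {
		fields := strings.Fields(sc.Text())
		if len(fields) != 2 {
			continue // main module line or blank line
		}
		seen[Module{Path: fields[0], Version: fields[1]}] = true
	}
	return sortedModules(seen)
}

// GoSumOnly returns module versions present in go.sum but absent from the build
// list: the entries a scanner working from go.sum alone would report although
// they are not part of the build.
func GoSumOnly(sum, build []Module) []Module {
	inBuild := map[Module]bool{}
	for _, m := range build {
		inBuild[m] = true
	}
	var extra []Module
	for _, m := range sum {
		if !inBuild[m] {
			extra = append(extra, m)
		}
	}
	return extra
}

func sortedModules(set map[Module]bool) []Module {
	out := make([]Module, 0, len(set))
	for m := range set {
		out = append(out, m)
	}
	sort.Slice(out, func(i, j int) bool {
		if out[i].Path != out[j].Path {
			return out[i].Path < out[j].Path
		}
		return out[i].Version < out[j].Version
	})
	return out
}

// Constructed sample inputs (hypothetical modules, placeholder hashes). The go.sum
// still lists example.com/lib v1.2.0 from before an upgrade, and a go.mod-only
// entry for example.com/util that is not in the selected build.
const sampleGoSum = `example.com/lib v1.2.0 h1:AAAA=
example.com/lib v1.2.0/go.mod h1:BBBB=
example.com/lib v1.3.0 h1:CCCC=
example.com/lib v1.3.0/go.mod h1:DDDD=
example.com/util v0.4.1/go.mod h1:EEEE=
example.com/tool v2.0.0 h1:FFFF=
example.com/tool v2.0.0/go.mod h1:GGGG=
`

const sampleBuildList = `example.com/app
example.com/lib v1.3.0
example.com/tool v2.0.0
`

func main() {
	extra := GoSumOnly(ParseGoSum(sampleGoSum), ParseBuildList(sampleBuildList))
	for _, m := range extra {
		fmt.Printf("in go.sum but not in build list: %s@%s\n", m.Path, m.Version)
	}
}
```

Run on the sample data it reports `example.com/lib@v1.2.0` and `example.com/util@v0.4.1`, both of which a go.sum-only scan would match against advisories even though neither version is built. That is the false-positive class the build-list path removes, and why switching the test project to option 1 changes the expected findings.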