Tags: Checkmarx/2ms
feat: propagate resultId to SARIF (#359)

Closes #

**Proposed Changes**

Have the resultId in SARIF report. I put the resultId in the field result.properties.resultId. I was thinking of putting it in the result.Guid field but the format does not match the pattern of "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" in the SARIF schema.

https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json

**Checklist**

- [x] I covered my changes with tests.
- [ ] I updated the documentation that is affected by my changes:
  - [ ] Change in the CLI arguments
  - [ ] Change in the configuration file

I submit this contribution under the Apache-2.0 license.

fix: confluence page-body limit handling and selector warnings (#355)

What was wrong
- When a page body was bigger than --max-page-body-megabytes, the client skipped it before the plugin saw it.
- Because of that, the plugin never marked the page ID / space ID as “seen”.
- Result: valid page IDs/space IDs could show up in the “don’t exist / no access” warning.

What changed
- Page-body size limit is now enforced in the plugin, not inside the client visitor.
- We always mark the page as “seen” (returnedPageIDs / returnedSpaceIDs) before deciding to skip its content.
- Warning about missing selectors now only reports IDs/keys that truly returned no pages or were invalid.

Behaviour
- Big pages are skipped for content, but not treated as missing/inaccessible.
- Total scan / per-response limits behaviour is unchanged.

Extra
- Updated sort parameter to use modified date instead of created date

feat: confluence improvements (#348)

- Remove token-type flag: accept both token formats; use only --token.
- Improve error handling with clearer, typed errors.
- Add consolidated warning message for invalid page IDs, space IDs and space keys.
- Add limits for page body size, api response size, total fetched data to scan

fix: extend whitespace detection in generic-api-key (#343)

**Proposed Changes**

<!-- Increasing whitespace limit to better address secrets spread in newlines with increased indentation -->

**Checklist**

- [x] I covered my changes with tests.
- [ ] I updated the documentation that is affected by my changes:
  - [ ] Change in the CLI arguments
  - [ ] Change in the configuration file

I submit this contribution under the Apache-2.0 license.

feat: confluence revamp (#330)

- Revamp confluence to use Confluence REST API v2
- Add flag to scan for a specific page ID
- Split the old --spaces flag into --space-keys and --space-ids.
- Add rate-limit handling and minimize the number of requests (https://developer.atlassian.com/cloud/confluence/rate-limiting/)

---------

Co-authored-by: Rui Oliveira <[email protected]>