Skip low-confidence Brakeman warnings in CI

[anaulin]

Updates Brakeman CI configuration to skip "low confidence" warnings. The only goal of this change is to unblock other in-flight PRs, which are having their builds go red due to such low-level warnings (see e.g. https://github.com/doubleunion/arooo/pull/763)

This PR also:

• updates Ruby to the latest 2.x version
• updates the Gemfile to refer to the .ruby-version file, instead of maintaining two separate copies of the Ruby version string
• updates the Brakeman gem itself

On a higher-level note:

• I don't know if the Brakeman checks are desirable at this point -- they are a good reminder to update things, but also maybe get in the way of the little development that happens on this repo? I don't have a strong opinion either way.
• At some point soon-ish it would be good to upgrade to Ruby 3.x, but that will be a slightly larger task than this here minor version update.

[anaulin]

@Imperiopolis if you or anyone else wants to take out the brakeman check from CI, that sounds very reasonable to me