stripe-archive / safesql

Static analysis tool for Golang that protects against SQL injections
MIT License
564 stars 47 forks

[WIP] use the modern analyzer framework for safesql #17

Open bpowers opened 4 years ago

bpowers commented 4 years ago

This is a work in progress - the loader package is deprecated, and there are new "recommended" SSA packages to build analyses on. Unfortunately, they don't work the same with the pointer.Analyze function to generate a callgraph.

An alternative approach is also implemented in this PR - using the AST instead of an SSA representation, which I think might be straightforward to get the current functionality working, but doesn't (yet) in this PR.

There is a test now, so you can see the problem with go test.
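
To illustrate the AST-based alternative mentioned in the comment above (an added example, not code from this PR or from safesql): a purely syntactic check that flags calls to query methods whose query argument is not built from string literals and same-file constants. The sink list, the names `FindUnsafeQueries` and `isConstString`, and the sample input are assumptions; sinks are matched by method name because no type information is used.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
)
// Sink method name -> index of its query argument. Assumption: matched by name, not by type.
var sinks = map[string]int{"Query": 0, "QueryRow": 0, "Exec": 0, "QueryContext": 1, "QueryRowContext": 1, "ExecContext": 1}
// Constructed sample input, not taken from safesql or the PR.
const sample = `package demo
const byID = "SELECT name FROM users WHERE id = ?"
func run(db DB, ctx Ctx, name string) {
	db.Query(byID+" LIMIT 1", 1)
	db.Query("SELECT * FROM users WHERE name = '" + name + "'")
	db.ExecContext(ctx, fmt.Sprintf("DELETE FROM %s", name))
}`
// isConstString accepts only string literals, consts declared in the same file, and "+" over those.
func isConstString(e ast.Expr) bool {
	switch v := e.(type) {
	case *ast.BasicLit:
		return v.Kind == token.STRING
	case *ast.BinaryExpr:
		return v.Op == token.ADD && isConstString(v.X) && isConstString(v.Y)
	case *ast.Ident:
		return v.Obj != nil && v.Obj.Kind == ast.Con // parser's same-file resolution
	}
	return false
}
// FindUnsafeQueries returns "line: method" for each sink call with a non-constant query argument.
func FindUnsafeQueries(src string) (out []string, err error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, "input.go", src, 0)
	if err != nil {
		return nil, err
	}
	ast.Inspect(f, func(n ast.Node) bool {
		if call, ok := n.(*ast.CallExpr); ok {
			if sel, ok := call.Fun.(*ast.SelectorExpr); ok {
				if i, sink := sinks[sel.Sel.Name]; sink && i < len(call.Args) && !isConstString(call.Args[i]) {
					out = append(out, fmt.Sprintf("%d: %s", fset.Position(call.Pos()).Line, sel.Sel.Name))
				}
			}
		}
		return true
	})
	return out, nil
}
func main() { fmt.Println(FindUnsafeQueries(sample)) }
```

Without type information this check treats any method with a sink name as a database call and flags constants defined in another file or package, which is the precision gap between an AST-only pass and a typed or SSA-based one.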

CLAassistant commented 3 years ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.