feat!: add support for detect v8

[tvcsantos]

This PR adds support for Detect v8 and addresses issue #45.

We have renamed the interfaces in order to match the same naming as bladuck-common-api 2022.10.4.

We also added the new interfaces for this action to work with Detect v8.

The logic itself for generating the report has minimal changes and was adapted to use the new matching fields for the new interfaces required for v8.

Note:

This code has breaking changes and will only be compatible with detect from v8 onwards. Meaning that all versions below are not compatible with these changes.

We have decided to not include backward compatibility on the code to avoid dealing with different versions and have more complex code without need. People using this action can always use tag v0.3.4, to get proper working scans for detect versions up to v7.

Assuming that you are following SemVer and are using major version 0 meaning that this is still under development, and everything can change, a major bump on version would not be needed. But since this breaks compatibility with older Detect versions below v8, I think we should add a note somewhere regarding this.

If you need something, please reach out.

Thanks for this project 💚

[gonmmarques]

Would be really interested in seeing this available, anyone that could review this?

[JeroenKnoops]

I'm also still using version v0.3.2 because of this error...

[gonmmarques]

@spurohitsynopsys or @kishorikumar can you maybe please check this?

[ukv001]

I too would like to use detect version 8.

[lgpalnau]

Help us @rottebds & @spurohitsynopsys , you're our only hope. We're having Pipenv detector dependency locating failures with detect v7.9.0. Testing showed the issue is gone with v8.8.0. This would unblock us from adding scanning to all our python repos.