🌱 SAST: dedupe and add Pysa and Qodana probe

[DavidKorczynski]

What kind of change does this PR introduce?

Adds a probe checking the presence of Pysa SAST Github action (https://github.com/facebook/pysa-action) and Qodana (https://www.jetbrains.com/qodana/)

Additionally, refactors duplicate code throughout the checking logic.

(Is it a bug fix, feature, docs update, something else?)

• PR title follows the guidelines defined in our pull request documentation

What is the current behavior?

Scorecard will not recognize Pysa/Qodana scanning as a SAST action

What is the new behavior (if this is a feature change)?**

Scorecard will recognize Pysa/Qodana scanning as a SAST action.

• Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

Ref: #2318

Fixes: #3709

Fixes: #3745

Special notes for your reviewer

Does this PR introduce a user-facing change?

Yes, in that it will change scoring of projects that use Pysa and users may now see Pysa-related details in the output.

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

[codecov]

Codecov Report

Merging #3743 (7367102) into main (6c2a266) will increase coverage by 2.05%.
The diff coverage is 69.23%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3743      +/-   ##
==========================================
+ Coverage   66.84%   68.90%   +2.05%     
==========================================
  Files         227      229       +2     
  Lines       15353    15372      +19     
==========================================
+ Hits        10263    10592     +329     
+ Misses       4483     4129     -354     
- Partials      607      651      +44     

[DavidKorczynski]

Putting this in draft as I'll tackle #3745 first

[spencerschrock]

/scdiff generate SAST

[github-actions]

Here's a link to the scdiff run

[spencerschrock]

Thanks.