Allow to specify multiple --target-os and --target-arch

[aleksanderkrauze]

Currently you can only specify one target os or arch for filtering vulnerabilities. This choice seems odd to me, because supporting a fixed number of platforms should be pretty popular use-case. If someone wants to check for vulnerabilities only for windows and linux, then the only option is to run cargo audit twice, each time passing different argument to --target-os. And if one wants to configure cargo audit with audit.toml, then this is impossible, since there is no way to change path to config file.

I propose that target os and target arch keys could be specified multiple times, both on CLI and in config file. Then when filtering vulnerabilities cargo audit should look at the union of all passed targets.

[aleksanderkrauze]

If this proposition is accepted and implementation isn't very difficult, I will happily contribute to this project by implementing it myself.

[Shnatsel]

It sounds like a good idea to me. I'd be happy to accept a PR implementing this.

The only issue is how not to make it a breaking change for the config file.

[aleksanderkrauze]

Thanks. I'll do it in the coming days.

When it comes to the config file, backwards compatibility is important, but luckily it is also very easy to do. Serde's untagged enum can dispatch between old and new config values.