feat: added platform validation

[UlisesGascon]

Main changes

• Added business logic to ensure that the platform is checked against the affectedEnvironments from the vuln database.
• Added platform input as optional for Github Action
• Added os.platform() to the CLI by default

Notes

@RafaelGSS I added some additional cognitive points to the getVulnerabilityList function and it is not easy to test with the current files structure. Should I move getVulnerabilityList and getSystemEnvironment to a utility file so I can include proper Unit Tests?

Context

This PR is related to nodejs/security-wg#912, nodejs/security-wg#914 and close #9

[RafaelGSS]

Also, tests will need to be updated as well

[UlisesGascon]

I added specific tests in b4f87da

[RafaelGSS]

LGTM. I'll wait for the security-wg PRs to merge before releasing this one

Thank you

[RafaelGSS]

Actually, @UlisesGascon, I think we need to receive an option checkEnvironment in the Github Action and set it to false as default to prevent breaking changes. Most of cases the runner environment that will run the action will not be the same as will run in production, so it can lead to false positives.

Can you do it and document it in the README, please?

[UlisesGascon]

@RafaelGSS I updated the docs in 60fa37b. The argument platform is optional in the Github Action, and it can be specified by the user. Only when the execution is made by npx as executable the platform is provided by default os.platform().

I believe this is not a breaking change at all, so this can be the v1.3.0.

[UlisesGascon]

The tests are failing until nodejs/security-wg#916 got merged as the index is using an old version of the database that used [linux, win, macos] values and not the ones compatible with os.platform() as agreed in nodejs/security-wg#914