Add support for handling of snippet code

[talz]

Depends on:

• Add support for handling of snippet code jfrog-cli-security#672

Add snippet code decoration to PR review comments

Summary

Add support for displaying public code snippet detections as inline review comments on pull requests. When license violations are identified as originating from copied public code snippets, Frogbot now generates review comments highlighting the affected lines with links to the original source and a table of associated license violations.

Changes

• New SnippetComment review comment type (utils/comment.go): Processes license violations where ImpactedDependencyVersion == "snippet", groups them by file and line, parses GitHub-style #L<start>-L<end> fragments from external reference URLs to determine the snippet span, and generates positioned review comments.
• Snippet review content generation (utils/outputwriter/outputcontent.go): New SnippetReviewContent() produces markdown content with a title, links to external source references, and a severity/license/watch/policies table.
• Environment-gated snippet detection (utils/scandetails.go): Reads SnippetDetectionEnvVariable to conditionally enable snippet detection and passes the flag to CreateAuditResultsContext().
• Dependency update (go.mod, go.sum): Bumped jfrog-cli-security to v1.26.3; moved jfrog-cli-artifactory to indirect.

Checklist

• All tests passed. If this feature is not already covered by the tests, I added new tests.
• This pull request is on the dev branch.
• I used gofmt for formatting the code before submitting the pull request.
• Update documentation about new features / new supported technologies

Notes

• Snippet detection is opt-in via the JFROG_XRAY_SNIPPET_SCAN_ENABLE environment variable.

[github-actions]

Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

---

I have read the CLA Document and I hereby sign the CLA

---

1 out of 2 committers have signed the CLA.
✅ (attiasas)[https://github.com/attiasas]
❌ @tal Zarfati
Tal Zarfati seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You can retrigger this bot by commenting recheck in this Pull Request. Posted by the CLA Assistant Lite bot.}

[github-actions]

---

🐸 JFrog Frogbot

[attiasas]

LGTM