New rule: Detect use of ".." in file scheme URIs

[ghost]

Even though the SARIF spec v2.1.0 doesn't prohibit it, the use of ".." segments in file scheme URIs is dangerous for reasons explained in oasis-tcs/sarif-spec#461. Add a warning-level analysis rule that reports the presence of ".." segments that are either (a) absolute, using the file: scheme, or (b) relative (because the user might resolve them to an absolute URI with the file: scheme).

[michaelcfanning]

@eddynaka, can we please have someone author this check?

[eddynaka]

@shaopeng-gh , can you work on this?

Below, some examples:
https://github.com/microsoft/sarif-sdk/tree/main/src/Sarif.Multitool.Library/Rules

[shaopeng-gh]

Got it, will check existing rule format and add a new one.

[shaopeng-gh]

Took a deeper look, I found this is already implemented:
SARIF1002.UrisMustBeValid
https://github.com/microsoft/sarif-sdk/blob/main/src/Sarif.Multitool.Library/Rules/SARIF1002.UrisMustBeValid.cs
possibly we implemented just the issue was not resolved at the time.