Config option to update files only in defined paths

[kusamakura]

We recently got a dependency update PR which contains incorrectly updated files that had, by chance, matching versions with the dependency.

In my investigation, I suppose that this mistake comes from this place in the code:

scala-steward/modules/core/src/main/scala/org/scalasteward/core/edit/update/ScannerAlg.scala

Lines 36 to 44 in 667eeda

	def findVersionPositions(
	repo: Repo,
	config: RepoConfig,
	version: Version
	): F[List[VersionPosition]] =
	findPathsContaining(repo, config, version.value)
	.map(VersionPositionScanner.findPositions(version, _))
	.compile
	.foldMonoid

Coupled with the fact that we are using an unrestrained git grep to find the version matches:

scala-steward/modules/core/src/main/scala/org/scalasteward/core/git/FileGitAlg.scala

Lines 93 to 96 in 667eeda

	override def findFilesContaining(repo: File, string: String): F[List[String]] =
	git("grep", "-I", "--fixed-strings", "--files-with-matches", string)(repo)
	.handleError(_ => List.empty[String])
	.map(_.filter(_.nonEmpty))

I could be mistaken in my opinion, but for version updates, I think this grep function is too aggressive/eager, and could use extra arguments to search only in defined paths, i.e. the resulting git grep command could be something like:
git grep -I --fixed-strings --files-with-matches 'version' -- 'project' '*.sbt'

I suggest that the extra path arguments be exposed in a new configuration key called something like updates.whitelistGlob. I'm sure there's a better way to call it, though.

I'm not familiar enough with the codebase but I'd be happy to create a PR if this feature is agreeable.