fix: fail to load deprecated ecdsa verifier

[rdimitrov]

Description of the changes being introduced by the pull request:

The following PR updates the set_ecdsa package to use the correct verifier for the deprecated ECDSA key type - deprecated is hex encoded, and the compliant one is PEM-formatted.

The deprecated verifier is added for both key type formats - "ecdsa" and "ecdsa-sha2-nistp256".

Once this is merged, there will be a patch release of v0.6.1 which should include it.

Fixes #527

Release Notes:

Types of changes:

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected). Please ensure that your PR title is a Conventional Commit breaking change (with a !, as in feat!: change foo).

Please verify and check that the pull request fulfills the following requirements:

• Tests have been added for the bug fix or new feature
• Docs have been added for the bug fix or new feature

[rdimitrov]

I wonder if we should disable govulncheck for the time being. It's nice, but it cannot be configured to silence vulnerabilities. In this case, it's referring to getting the fix from an unstable version which is not ideal.

Update: I've decided to add a -json flag so it still runs but it doesn't fail the CI.

[rdimitrov]

cc: @asraa @haydentherapper

[znewman01]

Nice, thanks for digging into this!

[haydentherapper]

Thanks!

[haydentherapper]

Can we get this merged and a new release cut?

[rdimitrov]

Can we get this merged and a new release cut?

Yes, unfortunately, I cannot merge it unless there're 2 maintainer approvals :/

ping @mnm678 @trishankatdatadog @kommendorkapten

[joshuagl]

LGTM, thanks.