Add vulnerability whitelisting

[woodsonmiles]

Trivy, Grype, and Gymnasium all have separate vulnerability whitelisting capabilities. It would be nice if hoppr-cop could take one whitelisting format and translate it into the format each scanning tool expects. This would allow projects to easily document which vulnerabilities they have already checked out and are accepting the risk for.

• Gymnasium expects a .cveignore file
• Trivy expects a .trivyignore file
• Grype expects a .grype.yaml file that contains a rules section.