Conversation

@andreeaneata (Contributor) commented Aug 29, 2025

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages are release-note ready, emphasizing what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Upgrades IaC components to the latest version in which a minor fix of a package that had a vulnerability was added.

Where should the reviewer start?

<local build> iac test --help
<local build> iac rules --help

^ No changes were introduced, so those should work as they have until now.

How should this be manually tested?

The commands would work for orgs that have IaC+ enabled.
For IaC command:

<local build> iac test <path_for_iac_files>

For the rules extension:

<local build> iac rules init - try something from this interactive UX
For rules that are already written, take them from here: https://github.com/chdorner-snyk/sandbox-custom-rules and use <local build> iac rules push --org=<that_has_iac+>

What's the product update that needs to be communicated to CLI users?

None, no changes.

Risk assessment (Low | Medium | High)?

Low

Any background context you want to provide?

Both extensions use policy-engine and the minor upgrade of the package with the vulnerability is contained by policy-engine. The package with the vulnerability is go-getter (which was upgraded from v1.7.5 to v1.7.9).

It might seem like policy-engine got a major upgrade in this PR, but actually the changes added with the major release from v1.0.0 were reverted in v1.1.0 and that contains only the go-getter upgrade.

Vulnerability of go-getter: SNYK-GOLANG-GITHUBCOMHASHICORPGOGETTER-11951454

What are the relevant tickets?

IAC-3439

Screenshots (if appropriate)
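The background context above describes a common supply-chain situation: the vulnerable package (go-getter) is not a direct dependency of the extensions but is pulled in through policy-engine, so the fix lands by bumping policy-engine to the release that carries the go-getter upgrade. The script below is an added example, not code from the snyk CLI or policy-engine, showing the check a reviewer would want for such a PR: parse a go.mod, find the version of a named module, and confirm it is at or above the fixed version. The go.mod contents, the module path example.com/iac-extension and the policy-engine module path github.com/snyk/policy-engine are constructed or assumed for illustration; only the go-getter versions v1.7.5 and v1.7.9 come from the PR.

```python
"""Confirm that a go.mod pins a dependency at or above a fixed version.

Added example (not the snyk CLI's or policy-engine's own code). The go.mod
snippets are constructed; module paths other than go-getter are assumed.
"""
import re
from typing import Dict, Optional, Tuple

# Constructed go.mod: the state before a bump such as the one in this PR.
GO_MOD_BEFORE = """\
module example.com/iac-extension

go 1.22

require (
\tgithub.com/hashicorp/go-getter v1.7.5 // indirect
\tgithub.com/snyk/policy-engine v1.0.0
)
"""

# Constructed "after" state: policy-engine bumped, which drags go-getter
# up to the fixed release.
GO_MOD_AFTER = (
    GO_MOD_BEFORE
    .replace("go-getter v1.7.5", "go-getter v1.7.9")
    .replace("policy-engine v1.0.0", "policy-engine v1.1.0")
)

# One require entry: module path, version, optional trailing comment.
_REQ_LINE = re.compile(r"^\s*(\S+)\s+(v\d+\.\d+\.\d+\S*)(\s*//.*)?$")


def parse_go_mod(text: str) -> Dict[str, Tuple[str, bool]]:
    """Map module path -> (version, is_indirect) from the require entries.

    Handles both the single-line `require x v1.2.3` form and `require ( ... )`
    blocks; other directives (module, go, replace, exclude) are skipped.
    """
    deps: Dict[str, Tuple[str, bool]] = {}
    in_block = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("require ("):
            in_block = True
            continue
        if in_block and line == ")":
            in_block = False
            continue
        if not in_block:
            if not line.startswith("require "):
                continue
            line = line[len("require "):]
        m = _REQ_LINE.match(line)
        if m:
            path, version, comment = m.groups()
            indirect = bool(comment and "indirect" in comment)
            deps[path] = (version, indirect)
    return deps


def semver_key(version: str) -> Tuple[int, int, int, bool, str]:
    """Sortable key for a Go-style semver string (vMAJOR.MINOR.PATCH[-pre]).

    A pre-release (or pseudo-version such as v0.0.0-2024...-abcdef) sorts
    below the release it precedes, so the boolean 'is a release' comes
    before the pre-release tag in the key.
    """
    core, _, pre = version.lstrip("v").partition("-")
    major, minor, patch = (int(p) for p in core.split(".")[:3])
    return (major, minor, patch, pre == "", pre)


def is_at_least(found: str, minimum: str) -> bool:
    """True when `found` is the same version as `minimum` or newer."""
    return semver_key(found) >= semver_key(minimum)


def check_fix(go_mod_text: str, module: str, fixed_version: str) -> Tuple[Optional[str], bool]:
    """Return (pinned version or None, whether it satisfies fixed_version).

    A module absent from go.mod is reported as not confirmed rather than as
    fixed: the check can only vouch for what the file actually pins.
    """
    deps = parse_go_mod(go_mod_text)
    if module not in deps:
        return None, False
    found, _indirect = deps[module]
    return found, is_at_least(found, fixed_version)


if __name__ == "__main__":
    target, fixed = "github.com/hashicorp/go-getter", "v1.7.9"
    for label, text in (("before", GO_MOD_BEFORE), ("after", GO_MOD_AFTER)):
        version, ok = check_fix(text, target, fixed)
        print(f"{label}: {target} = {version} -> {'fixed' if ok else 'still vulnerable'}")
```

The check reads only the main module's go.mod, which is enough for a PR review of a version bump but is not the final word: the build list is computed by minimal version selection over the whole module graph, so `go list -m github.com/hashicorp/go-getter` run in the repository is the authoritative answer, and `go mod graph` shows which dependency (here policy-engine) is the one pulling the package in.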

@andreeaneata andreeaneata requested review from a team as code owners August 29, 2025 11:45
snyk-io bot commented Aug 29, 2025

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found.

license/snyk check is complete. No issues have been found.

code/snyk check is complete. No issues have been found.

@github-actions (Contributor) commented

Warnings ⚠️

You've modified files in src/ directory, but haven't updated anything in test folder. Is there something that could be tested?

Generated by 🚫 dangerJS against eaaaf84

@PeterSchafer (Contributor) left a comment:

LGTM!

@andreeaneata andreeaneata merged commit c1321e2 into main Aug 29, 2025
10 checks passed
@andreeaneata andreeaneata deleted the fix/IAC-3439/upgrade_policy_engine branch August 29, 2025 12:52