🐛 upgrade osv-scanner to v2

[spencerschrock]

What kind of change does this PR introduce?

bug fix

• PR title follows the guidelines defined in our pull request documentation

What is the current behavior?

osv-scanner was stuck on v1, and couldn't get new features/fixes

What is the new behavior (if this is a feature change)?**

osv-scanner is bumped to the latest commit

• Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

[codecov]

Codecov Report

❌ Patch coverage is 75.36232% with 17 lines in your changes missing coverage. Please review.
✅ Project coverage is 69.54%. Comparing base (353ed60) to head (c88c79c).
⚠️ Report is 264 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4833      +/-   ##
==========================================
+ Coverage   66.80%   69.54%   +2.74%     
==========================================
  Files         230      250      +20     
  Lines       16602    15553    -1049     
==========================================
- Hits        11091    10817     -274     
+ Misses       4808     3870     -938     
- Partials      703      866     +163     

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[spencerschrock]

/scdiff generate Vulnerabilities

[github-actions]

Here's a link to the scdiff run