feat: New optional config item, fail build based on count as alternative to severity. #58

Open
wants to merge 2 commits into base: main
Conversation


@arnemejlholm arnemejlholm commented Dec 18, 2019

  • Ready for review
  • Follows CONTRIBUTING rules
  • Reviewed by Snyk internal team

What does this PR do?

Add a small option to fail the build based on vulnerability count instead of severity.

Where should the reviewer start?

PR should be straightforward. I'm unsure about what to do with the version in the pom.xml, but bumped it just in case.

How should this be manually tested?

Configure the plugin like this and run it against a vulnerable project:

            <configuration>
                <failOnSeverity>false</failOnSeverity>
                <failOnCount>5</failOnCount>
            </configuration>

Any background context you want to provide?

Most of our projects do not have the option to fail on just a single severity (low, medium, high), as the framework we use usually has 2-3 known vulnerabilities even though it has a weekly release cycle. In essence this means that we won't use the snyk maven plugin for testing. For us right now, it makes more sense to be able to fail the build if we have a larger set of vulnerabilities, e.g. 5 or higher.

What are the relevant tickets?

None

Screenshots

None

Additional questions

None
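To make the proposed gate concrete, here is an added example (not the plugin's own code) of how the two settings could be combined: the severity gate is assumed to accept low/medium/high or the literal `false` to disable it, and `failOnCount` is assumed to fail the build once the total number of findings reaches the threshold, with `0` meaning disabled. Class, method and parameter names are hypothetical.

```java
import java.util.List;
import java.util.Map;

// Hypothetical build-gate logic; illustrates the PR's intent, not the plugin's implementation.
public class BuildGate {
    // Ordering used to compare a finding's severity against the configured threshold.
    private static final Map<String, Integer> RANK = Map.of("low", 1, "medium", 2, "high", 3);

    // failOnSeverity: "low", "medium", "high", or "false" to disable (assumed semantics).
    // failOnCount:    0 disables; otherwise fail when the number of findings >= threshold.
    // severities:     one entry per reported vulnerability, e.g. from the scan result.
    public static boolean shouldFail(String failOnSeverity, int failOnCount, List<String> severities) {
        boolean severityGateEnabled = !"false".equalsIgnoreCase(failOnSeverity);
        if (severityGateEnabled) {
            int threshold = RANK.getOrDefault(failOnSeverity.toLowerCase(), 1);
            for (String s : severities) {
                // Unknown severity strings rank 0 and never trip the gate on their own.
                if (RANK.getOrDefault(s.toLowerCase(), 0) >= threshold) {
                    return true;
                }
            }
        }
        // Count gate is evaluated independently, so both can be active at once.
        return failOnCount > 0 && severities.size() >= failOnCount;
    }

    public static void main(String[] args) {
        // Constructed sample: four findings, the kind of baseline a framework with
        // a few known, unfixed issues produces on every scan.
        List<String> findings = List.of("medium", "low", "low", "high");

        // Severity gate disabled, count threshold 5: four findings stay below it.
        System.out.println("failOnSeverity=false, failOnCount=5 -> fail=" + shouldFail("false", 5, findings));
        // Severity gate disabled, count threshold 4: the baseline now reaches it.
        System.out.println("failOnSeverity=false, failOnCount=4 -> fail=" + shouldFail("false", 4, findings));
        // Default severity gate ("low") with count disabled: any finding fails the build.
        System.out.println("failOnSeverity=low, failOnCount=0 -> fail=" + shouldFail("low", 0, findings));
    }
}
```

A count threshold should be treated as a temporary allowance for a known baseline and revisited when the framework fixes its issues, since a single new critical finding stays below the threshold.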

@arnemejlholm (Author) commented

Notice that the tests fail even without my changes.

@CLAassistant commented Dec 14, 2020

CLA assistant check
All committers have signed the CLA.
