Add entitlment snippet

[attiasas]

Add Snippet Detection Entitlement to Result Metadata

Summary

Introduces a structured Entitlements type to replace the standalone EntitledForJas boolean in ResultsMetaData, and adds a new SnippetDetection entitlement. Before running snippet detection, the audit command now verifies the JFrog instance is entitled for it (gated by the curation feature ID in Xray), failing early with a clear error if it isn't.

Changes

• utils/results/results.go: Added Entitlements struct with Jas and SnippetDetection fields; replaced EntitledForJas bool with Entitlements; added SetEntitledForSnippetDetection setter.
• commands/audit/audit.go: getScanLogicOptions now accepts Entitlements and validates snippet detection entitlement before proceeding. initAuditCmdResults checks snippet detection entitlement via a new isEntitledForSnippetDetection function when snippet detection is requested.
• sca/bom/xrayplugin/xraylibbom.go: Added SnippetDetectionFeatureId constant ("curation").
• 13 other files: Migrated all EntitledForJas references to Entitlements.Jas (commands, parsers, result writers, policy enforcer, tests).
• git_test.go: Updated expected violation counts to match current test environment.

Testing

• Existing unit tests updated (git_test.go, securityJobSummary_test.go, pnpm_test.go).
• Validated compile with go vet ./....

---

• The pull request is targeting the dev branch.
• The code has been validated to compile successfully by running go vet ./....
• The code has been formatted properly using go fmt ./....
• All static analysis checks passed.
• All tests have passed. If this feature is not already covered by the tests, new tests have been added.
• Updated the Contributing page / ReadMe page / CI Workflow files if needed.
• All changes are detailed at the description. if not already covered at JFrog Documentation, new documentation have been added.

---

[github-actions]

---

🐸 JFrog Frogbot