CryptoAnalysis
Ignoring certain packages
Extend CogniCrypt_SAST to take a list of packages that should be ignored during the analysis. These packages may contain test cases, come from libraries, or contain misuses not intended to be fixed for other reasons.
For the CLI, add an option that takes a file in which the packages are listed one per line.
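As an added illustration of the requested behaviour (a hypothetical helper, not CogniCrypt_SAST code), the block below reads the one-package-per-line file and decides whether a class belongs to an ignored package; it assumes `#`-prefixed comment lines and that matching stops at a package boundary, so an entry covers the package and its sub-packages but not a package that merely shares the prefix.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.List;

// Hypothetical helper (not part of CogniCrypt_SAST): loads an ignore-file
// and answers whether a class should be skipped during the analysis.
public final class IgnoredPackages {

    private final List<String> prefixes = new ArrayList<>();

    // Parses the ignore-file format from the issue: one package per line.
    // Blank lines and lines starting with '#' are skipped (an assumption).
    public static IgnoredPackages fromFile(Path file) throws IOException {
        IgnoredPackages result = new IgnoredPackages();
        for (String raw : Files.readAllLines(file)) {
            String line = raw.trim();
            if (line.isEmpty() || line.startsWith("#")) {
                continue;
            }
            result.prefixes.add(line);
        }
        return result;
    }

    // True if the fully qualified class name lies in an ignored package or one of
    // its sub-packages. The check stops at a '.' boundary, so the entry
    // "org.example" covers "org.example.Foo" and "org.example.util.Bar"
    // but not "org.exampleapp.Baz".
    public boolean isIgnored(String className) {
        for (String pkg : prefixes) {
            if (className.equals(pkg) || className.startsWith(pkg + ".")) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample ignore-file: test code and a vendored library.
        Path tmp = Files.createTempFile("ignored-packages", ".txt");
        Files.write(tmp, List.of("# packages to skip", "org.example.test", "com.thirdparty"));
        IgnoredPackages ignored = IgnoredPackages.fromFile(tmp);
        System.out.println(ignored.isIgnored("org.example.test.CipherTest"));
        System.out.println(ignored.isIgnored("com.thirdparty.crypto.Util"));
        System.out.println(ignored.isIgnored("org.example.testing.Foo"));
    }
}
```

Applying `isIgnored` to each reported class before a misuse is emitted keeps the analysis itself unchanged while suppressing findings in the listed packages.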
I've come across a paper that more or less implements what I've had in mind. Please read it before starting conceptual or implementation work: Source Attribution of Cryptographic API Misuse in Android Applications by Muslukhov et al. Their arguments seem reasonable and their methodology sound.