Brakeman doesn't always play nice with `only_files`

[nikolai-b]

https://github.com/presidentbeef/brakeman/issues/1267#issuecomment-427151504

Would it be possible to move to using skip-files here

something like

files = ruby_patches.map do |patch|
  patch.new_file_full_path.relative_path_from(repo_path).to_s
end
unchanged_files = Dir["**/*.rb"] - files
output = ::Brakeman.run(app_path: repo_path,
  output_formats: [:to_s],
  skip_files: unchanged_files)