Separate lockfile parsing from vulnerability scanning

[ushis]

Hi,

i would like you to use the bundler-audit library for scanning lockfiles stored in a database, rather than beeing available as actual files. So i changed Scanner#initialize to take a Bundler::LockfileParser as argument und introduced FileScanner to do the file opening, reading and parsing.

This change breaks API. I am not sure how many people (if any) are using the projects lib and what your policy is regarding breaking changes. If you like to stay backwards compatible i can update the PR.

Cheers, ushi