Ignore vendored Go module files by default

[picatz]

Similar to #147 for NPM, it would be nice of the Go module extractor ignored go.mod files from the vendor directory.

osv-scalibr/extractor/filesystem/language/golang/gomod/gomod.go

Lines 50 to 53 in abf6098

	// FileRequired returns true if the specified file matches go.mod files.
	func (e Extractor) FileRequired(api filesystem.FileAPI) bool {
	return filepath.Base(api.Path()) == "go.mod"
	}

I understand I can configure directories to be skipped in ScanConfig, but I think the vendor directory might be good to skip out-the-box?

osv-scalibr/scalibr.go

Lines 76 to 84 in abf6098

	// Optional: Directories that the file system walk should ignore.
	// Note that on real filesystems these are not relative to the ScanRoots and
	// thus need to be in sub-directories of one of the ScanRoots.
	// TODO(b/279413691): Also skip local paths, e.g. "Skip all .git dirs"
	DirsToSkip []string
	// Optional: If the regex matches a directory, it will be skipped.
	SkipDirRegex *regexp.Regexp
	// Optional: If the glob matches a directory, it will be skipped.
	SkipDirGlob glob.Glob

[samsalisbury]

Another directory to consider ignoring by default is testdata, as well as directory names beginning with a . or _, as these are all ignored by the go command, allowing them to contain e.g. invalid go code/go modules needed for testing.