Security: Replace curl | bash with official Veracode GitHub Action

Fix CWE-506 Embedded Malicious Code vulnerability detected by Arnica.

Replace potentially dangerous curl | bash pattern with official
veracode/sourceclear-github-action@v1 to eliminate arbitrary code
execution risk.

- Remove: curl -sSL https://download.sourceclear.com/ci.sh | bash
- Add: Official Veracode SourceClear GitHub Action (verified, pinned)
- Maintains same SourceClear SCA scanning functionality
- Eliminates supply chain attack vector
- Removes access to secrets from arbitrary downloaded scripts

Resolves FSSDK-12313

Author: Mat001

.github/workflows/source_clear_cron.yml

@@ -20,9 +20,11 @@ jobs:
         with:
           go-version: '1.21.0'
           check-latest: true
-      - name: Source clear scan
-        env:
-          SRCCLR_API_TOKEN: ${{ secrets.SRCCLR_API_TOKEN }}
-        run: |
-          go mod tidy
-          curl -sSL https://download.sourceclear.com/ci.sh | bash -s - scan
+      - name: Go mod tidy
+        run: go mod tidy
+
+      - name: Veracode SourceClear Scan
+        uses: veracode/sourceclear-github-action@v1
+        with:
+          api-token: ${{ secrets.SRCCLR_API_TOKEN }}
+          scan-type: sca