Reproducible junit report

[xpivarc]

In some cases, stable ordering or the reproducible output is needed(CI).
This PR adds additional sorting to severity sorting to ensure stable output.
Futhermore this also fix junit output which didn't respect ordering.

[codecov-commenter]

Codecov Report

Merging #529 into master will decrease coverage by 1.88%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #529      +/-   ##
==========================================
- Coverage   72.70%   70.81%   -1.89%     
==========================================
  Files           9        9              
  Lines         674      562     -112     
==========================================
- Hits          490      398      -92     
+ Misses        163      143      -20     
  Partials       21       21              

Impacted Files	Coverage Δ
errors.go	50.00% <0.00%> (-13.64%)	⬇️
import_tracker.go	63.15% <0.00%> (-8.85%)	⬇️
config.go	84.21% <0.00%> (-3.55%)	⬇️
call_list.go	90.90% <0.00%> (-1.78%)	⬇️
analyzer.go	91.27% <0.00%> (-1.34%)	⬇️
issue.go	74.54% <0.00%> (-0.46%)	⬇️
helpers.go	45.07% <0.00%> (-0.28%)	⬇️
rule.go	100.00% <0.00%> (ø)
resolve.go	100.00% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 868556b...f2868f0. Read the comment docs.

[ccojocar]

Thanks for this contribution.

[ccojocar]

@xpivarc The pull request looks good. Could you add please some tests? It seem that the test coverage had decreased. You can find more details here https://codecov.io/gh/securego/gosec/compare/868556b846eafed2980f9708077c402be36ed28f...7d0c5818d73235e5a937e27cf0b7bcb4e919126f. Thanks!

[xpivarc]

@ccojocar I added some tests. Let me know if this is sufficient or you would like to see something more specific. I also noticed that coverage reported some unrelated changes.

[ccojocar]

Thanks for adding some tests.