fix: iac-security-filter flag ignoring passed parameters (AST-145741)

[cx-goncalo-lemos]

By submitting this pull request, you agree to the terms within the Checkmarx Code of Conduct. Please review the contributing guidelines for guidance on creating high-quality pull requests.

Description

Flag --iac-security-filter (and its deprecated alias --kics-filter) was registered as a String flag in internal/commands/scan.go, but deprecatedFlagValue() reads it using GetStringSlice. This silently returns an empty slice, causing the filter value to be dropped and never sent to the API. As a result, the filter had no effect and files that should have been excluded were still scanned.

Fixed by registering both flags as StringSlice, consistent with how --iac-security-platforms / --kics-platforms are registered.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update

Related Issues

Link any related issues or tickets.

https://checkmarx.atlassian.net/browse/AST-144685

Checklist

• I have performed a self-review of my code
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)
• Any dependent changes have been merged and published in downstream modules
• I have updated the CLI help for new/changed functionality in this PR (if applicable)
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used

Screenshots (if applicable)

Add screenshots to help explain your changes.

Additional Notes

Add any other relevant information.