
[Issue]: Move DependencyViolation and ComplianceReport classes to dedicated module #324

@WilliamBerryiii

Description


Issue Description

Test-DependencyPinning.ps1 defines DependencyViolation and ComplianceReport classes inline within the script (~80 lines). Moving these to a dedicated module would improve reusability, enable unit testing of the classes, and follow the pattern established by FrontmatterValidation.psm1.

Additional Context

Current classes in Test-DependencyPinning.ps1:

  • DependencyViolation - represents a single pinning violation with file, line, type info
  • ComplianceReport - aggregates violations and generates reports in multiple formats

Recommended approach:

  1. Create scripts/security/Modules/SecurityClasses.psm1 (mirroring the linting/Modules/ pattern)
  2. Move both class definitions to the new module
  3. Update Test-DependencyPinning.ps1 to use using module import

Testing:

  • Create unit tests for class methods (e.g., ComplianceReport.ToSarif(), ToMarkdown())
  • Run npm run lint:pinning to verify no regression
  • Run existing Pester tests
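The refactor described above, as an added example that is not code from the repository or from the issue author. It shows the three files involved: the new module holding both classes, the one-line change to the script, and a Pester test that exercises the class methods the issue names (ToSarif(), ToMarkdown()). The property names, the Add()/IsCompliant() helpers, the ruleId scheme, the report layout and the sample violation are all assumptions; the real Test-DependencyPinning.ps1 fields may differ.

```powershell
# --- scripts/security/Modules/SecurityClasses.psm1 (path as recommended in the issue) ---
# Property names and constructor shape are assumptions made for this example.
class DependencyViolation {
    [string]$File
    [int]$Line
    [string]$Type      # kind of dependency, e.g. 'npm' or 'github-action' (assumed values)
    [string]$Message

    DependencyViolation([string]$file, [int]$line, [string]$type, [string]$message) {
        $this.File = $file
        $this.Line = $line
        $this.Type = $type
        $this.Message = $message
    }
}

class ComplianceReport {
    [System.Collections.Generic.List[DependencyViolation]]$Violations

    ComplianceReport() {
        $this.Violations = [System.Collections.Generic.List[DependencyViolation]]::new()
    }

    [void] Add([DependencyViolation]$violation) { $this.Violations.Add($violation) }

    [bool] IsCompliant() { return ($this.Violations.Count -eq 0) }

    # Markdown table with one row per violation (layout is an assumption).
    [string] ToMarkdown() {
        $lines = @('| File | Line | Type | Message |', '|---|---|---|---|')
        foreach ($v in $this.Violations) {
            $lines += "| $($v.File) | $($v.Line) | $($v.Type) | $($v.Message) |"
        }
        return ($lines -join "`n")
    }

    # Minimal SARIF 2.1.0 log: one result per violation, carrying file and line so that
    # code-scanning UIs can annotate the offending manifest line. ruleId scheme is assumed.
    [string] ToSarif() {
        $results = [System.Collections.Generic.List[object]]::new()
        foreach ($v in $this.Violations) {
            $results.Add([ordered]@{
                ruleId    = "unpinned-$($v.Type)"
                level     = 'error'
                message   = @{ text = $v.Message }
                locations = @(@{
                    physicalLocation = [ordered]@{
                        artifactLocation = @{ uri = $v.File }
                        region           = @{ startLine = $v.Line }
                    }
                })
            })
        }
        $log = [ordered]@{
            '$schema' = 'https://json.schemastore.org/sarif-2.1.0.json'
            version   = '2.1.0'
            runs      = @(@{
                tool    = @{ driver = @{ name = 'Test-DependencyPinning' } }
                results = @($results.ToArray())
            })
        }
        return ($log | ConvertTo-Json -Depth 10)
    }
}

# --- scripts/security/Test-DependencyPinning.ps1 (only the import changes) ---
# 'using module' must be the first statement in the file; the path is resolved
# relative to the script, so the inline class definitions can simply be deleted.
using module ./Modules/SecurityClasses.psm1
# ... existing scanning logic builds [DependencyViolation] objects and adds them
#     to a [ComplianceReport] exactly as before ...

# --- scripts/security/Modules/SecurityClasses.Tests.ps1 (Pester 5, example test) ---
using module ./SecurityClasses.psm1

Describe 'ComplianceReport' {
    BeforeEach {
        # Constructed sample violation, not a finding from the real repository.
        $report = [ComplianceReport]::new()
        $report.Add([DependencyViolation]::new('package.json', 12, 'npm',
            'lodash is declared as a range, not an exact version'))
    }

    It 'is non-compliant once a violation is added' {
        $report.IsCompliant() | Should -BeFalse
    }

    It 'renders header, separator and one Markdown row' {
        ($report.ToMarkdown() -split "`n").Count | Should -Be 3
    }

    It 'emits one SARIF result pointing at the file and line' {
        $sarif = $report.ToSarif() | ConvertFrom-Json
        $results = @($sarif.runs[0].results)
        $results.Count | Should -Be 1
        $results[0].locations[0].physicalLocation.artifactLocation.uri | Should -Be 'package.json'
        $results[0].locations[0].physicalLocation.region.startLine | Should -Be 12
    }
}
```

Run the tests with Invoke-Pester from scripts/security/Modules. One caveat worth knowing before the move: `using module` loads class definitions at parse time and caches them for the lifetime of the PowerShell session, so after editing SecurityClasses.psm1 the tests and the pinning script must be run in a fresh pwsh process or they will keep using the stale class definitions.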
