Add "double reported" advisory check #1089
Conversation
StantonMatt
left a comment
I took a local verification pass on this because it is labeled ready for review and the duplicate-advisory check affects database correctness.
The data change matches the new check: on current origin/master, the touched YARD advisories contain duplicate GHSA 3jfp-46x4-xgfj; on this branch, only gems/yard/CVE-2026-41493.yml remains and the duplicate GHSA entry is gone.
I ran the repo checks locally with Ruby 3.3.11 and project-local gems:
bundle exec rspec spec/advisories_spec.rb
bundle exec rake lint
git diff --check origin/master...HEAD
spec/advisories_spec.rb passed with 58,703 examples. rake lint also passed: schema validation had 1,281 examples and the advisory lint pass had 58,703 examples, all with 0 failures. The visible GitHub checks, GitHub Actions audit and Linter, are green as well.
Looks good from this pass.
Add "double reported" advisory check
To start to gain the benefit of these "double reported" checks, I have extracted the code from PR Add specs to ensure there are no "double reported" advisories. #585 so we could use it.
While testing this new check, I found that we had one "double reported", so I combined the GHSA advisory into the CVE advisory and deleted the GHSA advisory.