Remove OSV scanner because it turns out to be redundant (#1195)

The OSV scanner workflow turns out to be unnecessary because pretty much
all of its benefits are obtained by using Dependabot.

Author: mhucka

.github/workflows/ci.yaml

@@ -588,15 +588,6 @@ jobs:
       - name: Run shellcheck on shell scripts that have been changed
         run: shellcheck ${{env.changed_files}}
 
-  vulnerability-checks:
-    if: needs.changes.outputs.requirements == 'true'
-    name: Vulnerability checks
-    needs: changes
-    uses: ./.github/workflows/osv-scanner.yaml
-    permissions: write-all
-    with:
-      reason: CI
-
   print-debugging-info:
     if: failure()
     name: Print debugging info upon job failure

.github/workflows/osv-scanner.yaml

@@ -45,18 +45,6 @@ concurrency:
   group: ${{github.workflow}}-${{github.event.pull_request.number||github.ref}}
 
 jobs:
-  osv-code-scan:
-    if: github.repository_owner == 'quantumlib'
-    name: Run periodic open-source vulnerabilities scanner
-    uses: ./.github/workflows/osv-scanner.yaml
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-    with:
-      reason: '(weekly)'
-      debug: ${{github.event.inputs.debug || false}}
-
   scorecard-repo-scan:
     if: github.repository_owner == 'quantumlib'
     name: Run periodic Scorecard analysis