In order to run the new 2.0.0 seccheck, we need the following (from T226420#5302787):
- seccheck72 job: These should only have php-ast 1.0.1, and T218719 should provide anything needed for the upgrade. Note that this job can only be used for repos using seccheck 2.0.0.
- seccheck70 job: This one is more complicated. It should behave the same as the phan job: if there's seccheck <=1.5.1 in composer.json, it should use php-ast 0.1.2. If there's seccheck 2.0.0 it should use php-ast 1.0.0.