Improve code reference scan with indirect flag references #9

@emyller

While some regex'ing was all it took for a successful PoC, there are valid ways of referencing feature flags we still don't cover.

For example (thanks @khvn26 for pointing this out), Flagsmith/flagsmith#6970 introduces a function that will make flag references indirect:

def is__premium_support__enabled(organisation):
    return client.is_flag_enabled("premium_support")  # This is found in the scan.

def the_actual_business_function():
    if is__premium_support__enabled(org):  # This is a more important reference, but isn't found.
        ...

def another_function():
    if is__premium_support__enabled(org):  # Multiple uses of the flag stay hidden!
        ...

Acceptance criteria

  • The code references scan covers indirection such as the above.

Might be a good idea to look into ast.
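
One way the `ast` suggestion could look, as an added example that is not code from this issue or from the Flagsmith project: a function that returns an SDK flag check is treated as a wrapper, and every call to it is reported as an indirect reference. `FLAG_METHODS`, `callee`, `direct_flag` and `scan` are hypothetical names, and matching is assumed to be by bare function name, within one file, through one level of wrapping.

```python
import ast

FLAG_METHODS = {"is_flag_enabled"}  # assumption: SDK methods taking a literal flag key

# Constructed sample mirroring the snippet in the issue.
SAMPLE = '''\
def is__premium_support__enabled(organisation):
    return client.is_flag_enabled("premium_support")

def the_actual_business_function():
    if is__premium_support__enabled(org):
        ...

def another_function():
    if is__premium_support__enabled(org):
        ...
'''

def callee(call):
    """Bare callee name for `f(...)` or `obj.f(...)`, else None."""
    func = call.func
    return getattr(func, "attr", None) or getattr(func, "id", None)

def direct_flag(call):
    """Flag key when `call` is an SDK check with a string-literal key."""
    if callee(call) in FLAG_METHODS and call.args:
        arg = call.args[0]
        if isinstance(arg, ast.Constant) and isinstance(arg.value, str):
            return arg.value
    return None

def scan(source):
    """Return sorted (flag, line, kind) for direct and wrapped references."""
    tree = ast.parse(source)
    calls = [n for n in ast.walk(tree) if isinstance(n, ast.Call)]
    wrappers = {}  # function name -> flags whose check it returns
    for fn in ast.walk(tree):
        if isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef)):
            for node in ast.walk(fn):
                if isinstance(node, ast.Return) and isinstance(node.value, ast.Call):
                    flag = direct_flag(node.value)
                    if flag:
                        wrappers.setdefault(fn.name, set()).add(flag)
    refs = [(direct_flag(c), c.lineno, "direct") for c in calls if direct_flag(c)]
    for c in calls:
        refs += [(f, c.lineno, "indirect") for f in wrappers.get(callee(c), ())]
    return sorted(refs)
```

Flag keys passed as variables rather than string literals, and wrappers imported from another module, are not resolved by this sketch.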
