Presenter for Vulnerabilities::Occurrence doesn't generate blob_path
if sha is missing. For some cases sha is dynamically added via joined
table, for pipeline reports sha is completely missing. To make
behavior more consistent we will introduce sha related accessors and
will populate it from either reports or joined queries.

* Adds `/group/:group_id/-/security/vulnerable_projects` which returns a
    list of the group's projects with vulnerabilities
* Adds Vulnerabilities::Occurrence.batch_count_by_project_and_severity
    which batch loads vulnerability counts grouped by severity and by
    project
* Adds Group#vulnerable_projects which returns a list of the group's
    vulnerable projects
* Adds VulnerableProjectSerializer and VulnerableProjectEntity, which
    exposes a vulnerability count method for each severity
* Adds VulnerableProjectPresenter which creates the vulnerability count
    method exposed in VulnerableProjectEntity

https://gitlab.com/gitlab-org/gitlab-ee/issues/11190

Consider enum values rather than string
Added further test

Add resolve_vulnerability ability for User.
Add POST /vulnerabilities/:id/dismiss API.
Add computed state to Findings. Update
the related finder and associations to
support that computed state.

Added tests
Updated existing test

Vulnerabilities::DismissSerivce is responsible
for dismissal of Vulnerabilities and their
associated Findings (creation of dismissal
feedback records for all Findings
as a cascade.

Change payload to match with vulnerability api
Update tests

A new param with_security_reports was added to
GET /groups/:id/projects API and the code to
support this logic in GroupProjectsFinder and
Project model. Also, a DB index was added to
ci_job_artifacts table to speed up the search
of security reports artifacts for projects

This allows us to more easily stub paginates_per in specs, as well as
clarifies a mystery number. (Not that it was too difficult to understand
before, but it's nicer now.)

Updates changed method names and fixes spec failures

Where the GSD is the group security dashboard.

This adds:

- A confidence filter to the store
- A confidence filter to the vulnerabilities controller
- Tests for all the above

This query was duplicating results due to a bad join.

This exposes the path to the file, with line numbers where available,
for a vulnerabilty occurrence. This will be used in the group security
dashboard to provide a link to the offending file.

Fixes https://gitlab.com/gitlab-org/gitlab-ee/issues/9224

 - Add `MergeRequests::CreateFromVulnerabilityDataService`
 - Add new Vulnerabilities::Feedback#feedback_type of 'merge_request'

This reverts merge request !9326

Fixes https://gitlab.com/gitlab-org/gitlab-ee/issues/9224

 - Add `MergeRequests::CreateFromVulnerabilityDataService`
 - Add new Vulnerabilities::Feedback#feedback_type of 'merge_request'

Fixes https://gitlab.com/gitlab-org/gitlab-ee/issues/9397

Fix flaky test that can occur when rounding by Date instead of Time.
This can result in scoping failures when run on a computer with non-UTC
timezone

Allows for distinct conditions between dismissal and issue feedback

Provide vulnerability counts per day per severity for the last 90 days.

Only fetch the vulnerabilities for the latest pipeline of each project.

Extend models to provide necessary logic for security reports.
Add Secuirity Reports ruby classes
Add SAST parser
Add logic to store report in database