Consider ElasticSearch's better array attribute filtering as a way to reduce denormalisation duplication

The following discussion from !12117 (merged) should be addressed.

One of the discussed approaches for the solution is that facilitating the vulnerability report will likely need the vulnerability_reads table to include a ref field to contain the desired branch name that a user will want to view so that vulnerabilities can be filtered by this branch value and retrieved efficiently.

Unfortunately this means needing to duplicate the vulnerability_read record per applicable branch, as we have found in the past with attempting to make vulnerabilities filterable by Owasp Top 10 identifers that array columns are not indexable, resulting in horrendous performance when attempting to filter by a particular value within the array.

We however have had greater success with the in our recent implementation of vulnerability search and filter in ElasticSearch. As such, it may be that we can use an array of matching refs for a vulnerability if using ElasticSearch to have improved retrieval times with less data duplication.

This is something we should discuss and/or investigate further.