
Add Security Reports Integration feature

Problem to solve

With the split of the Secure stage into independent groups and the ongoing enthusiasm for 3rd party integrations, we need to clearly identify a Group to be responsible for maintaining the integration layer of the Security Reports.

This is mandatory to maintain the generic workflow we've designed within the GitLab application: whatever the type of vulnerability, findings seamlessly follow the same workflow. This reduces code complexity and maintenance costs, and also provides a consistent and simple User Experience. Note that this doesn't prevent specific enhancements on a per report-type basis. This integration layer also ensures that we'll limit the cost of supporting 3rd party integrations with GitLab, as they'll have to conform to this integration layer.

Proposal

This merge request makes that responsibility explicit by adding a Security Reports Integration feature and listing it under Other functionality handled by the Composition Analysis group.

It also adjusts these other feature labels to avoid ambiguity:

  • rename security reports into MR security reports
  • add pipeline security reports

NB: the other functionality section should be updated soon with the outcome of gitlab-org/gitlab#34649 (closed) so that we can link to it.

Preview

https://add-security-reports-integration-feature.about.gitlab-review.app/handbook/product/categories/index.html#composition-analysis-group-1

Questions

@matt_wilson: is this separate from or starting to overlap heavily with Ecosystem group? https://about.gitlab.com/handbook/product/categories/#ecosystem-group

=> @gonzoyumo: It could partially overlap when it comes to supporting 3rd party integration. Though, this is also an important internal usage within Secure as all our officially supported tools to provide out-of-the-box Security Reports are leveraging this integration layer.

Edited by Olivier Gonzalez
