Support new syntax for SAST/Dependency Scanning

What does this MR do?

This adds transformation logic from old syntax of reports to new syntax of reports:

[vulns] => {version: '1.x', vulnerabilities: [vulns]}

This introduces no new fields, just support for the new format.

What are the relevant issue numbers?

See https://gitlab.com/gitlab-org/gitlab-ee/issues/5656

Does this MR meet the acceptance criteria?

• Changelog entry added, if necessary
• Documentation created/updated
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the database guides
• Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.
• EE specific content should be in the top level /ee folder
• For a paid feature, have we considered GitLab.com plans, how it works for groups, and is there a design for promoting it to users who aren't on the correct plan?
• Security reports checked/validated by reviewer