Accept `comment` for all vulnerability state changes

Why are we doing this work

Due to a backend limitation, the scope of #292636 (closed) was changed to add a comment only when changing a vulnerability state to "dismissed".

This issue is to follow-up the work and enable the comment field for all state changes.

Relevant links

• Design issue: #267582 (closed)
• Backend issue to add ability for comments in all state changes: #323129 (closed)
• Original issue: #292636 (closed)

Non-functional requirements

• Documentation:
• Feature flag:
• Performance:
  • Create Vulnerabilities::StateTransition records via a Sidekiq worker if user selects more than X (100?) Vulnerabilities so that we don't timeout. This can be done in a follow-up issue if the initial MR grows too big.
• Testing:

Implementation plan

• Add a length constraint on comment (done, max size is 255 characters)
• Adjust ee/app/services/vulnerabilities/dismiss_service.rb to pass comment to Vulnerabilities::StateTransition.create
• Make sure ee/app/services/security/findings/dismiss_service.rb passes comment when creating Vulnerabilities::StateTransition
• Adjust GraphQL mutations under ee/app/graphql/mutations/vulnerabilities/* to accept a comment and add it to Vulnerabilities::StateTransition
• Make sure we don't accept dismissal_reason outside of dismissal mutations