
Deprecate DAST_HTML_REPORT, DAST_XML_REPORT, and DAST_MARKDOWN_REPORT for DAST

Overview

In 16.0 we will be dropping support for the ZAP report customization variables that are configured via the environment variables DAST_HTML_REPORT, DAST_XML_REPORT, and DAST_MARKDOWN_REPORT.

These reports are no longer valuable because:

  1. Authentication is completed via browser-based DAST
  2. Browser-based DAST is now running passive attacks
  3. GitLab's vulnerability report and pipeline reports provide a single source of truth.

To ensure a smooth transition, we should emit a deprecation notice when the DAST engine is called with any of these values set.

"Use of the DAST_HTML_REPORT, DAST_XML_REPORT, and DAST_MARKDOWN_REPORT variables is deprecated and will no longer work in GitLab 16.0. You can view reports in the pipeline page in GitLab."

  • Add the deprecation notice to the code
  • Add a conditional to the DAST engine so that the values are ignored if the DAST version is >=4. This way, when we bump the version, we do not need to immediately remove the code.
  • @derekferguson publish deprecation notice
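The two code tasks above (emit the notice whenever one of the variables is set, and stop honoring the values from DAST major version 4 on) could be combined into one check like the following. This is an added illustration, not code from the GitLab DAST analyzer; the function name, the `ReportVarCheck` type and the way the major version is passed in are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// deprecatedReportVars lists the ZAP report variables being deprecated.
var deprecatedReportVars = []string{"DAST_HTML_REPORT", "DAST_XML_REPORT", "DAST_MARKDOWN_REPORT"}

// deprecationNotice is the message text proposed in the issue.
const deprecationNotice = "Use of the DAST_HTML_REPORT, DAST_XML_REPORT, and DAST_MARKDOWN_REPORT variables is deprecated and will no longer work in GitLab 16.0. You can view reports in the pipeline page in GitLab."

// ReportVarCheck is the outcome of inspecting the job environment (hypothetical type).
type ReportVarCheck struct {
	Set     []string // deprecated variables present with a non-empty value
	Warning string   // deprecation notice to log; empty when nothing needs logging
	Honored bool     // whether the engine should still act on the values
}

// checkDeprecatedReportVars inspects a snapshot of the job environment.
// dastMajor is the major version of the DAST analyzer (hypothetical parameter).
func checkDeprecatedReportVars(env map[string]string, dastMajor int) ReportVarCheck {
	var set []string
	for _, name := range deprecatedReportVars {
		if v, ok := env[name]; ok && strings.TrimSpace(v) != "" {
			set = append(set, name)
		}
	}
	res := ReportVarCheck{Set: set}
	if len(set) == 0 {
		return res // nothing deprecated in use, stay silent
	}
	res.Warning = deprecationNotice
	// Versions below 4 keep honoring the values; from 4 on they are ignored,
	// so the version bump alone switches the behaviour without a code removal.
	res.Honored = dastMajor < 4
	return res
}

func main() {
	// Constructed sample environment, not taken from a real job.
	env := map[string]string{"DAST_HTML_REPORT": "report.html", "DAST_WEBSITE": "https://example.com"}
	r := checkDeprecatedReportVars(env, 3)
	fmt.Printf("set=%v honored=%v\n%s\n", r.Set, r.Honored, r.Warning)
}
```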
Edited by Seth Berger