Add filtering to `Sbom::DependenciesFinder`

Why are we doing this work

To bring the database-backed dependency list to parity with the existing dependency list, we need to update `Sbom::DependenciesFinder` so that it can filter dependencies the same way `Security::DependencyListService` does.

Relevant links

Non-functional requirements

  • Documentation:
  • Feature flag:
  • Performance:
  • Testing:

Implementation plan

  1. Create a `Types::Sbom::PackageManagerEnum` with the values ['bundler', 'yarn', 'npm', 'maven', 'composer', 'pip', 'conan', 'go', 'nuget', 'sbt', 'gradle', 'pipenv', 'setuptools'].
  2. Change the type of `Types::Sbom::DependencyType.packager` to `PackageManagerEnum`.
  3. Have `Resolvers::Sbom::DependenciesResolver` accept a `package_managers` argument that takes a list of `PackageManagerEnum` values (this is what the `packageManagers:` argument in the verification query below maps to).
  4. Update `Sbom::DependenciesFinder` to filter by package manager. Because the argument is an enum, the finder only ever receives values from that allowlist; anything else is rejected by GraphQL before it reaches the query.
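
The following is an added, stand-alone illustration of the four steps above and is not GitLab's code: the module and class names (`Sbom::PackageManagerEnum`, `Sbom::DependenciesFinder`), the `package_managers` parameter and the sample rows are all modelled on this issue's text, and the data is constructed in memory so the file runs without Rails or a database. It shows the enum coercion (upper-case GraphQL names to the stored lower-case values), the allowlist check that rejects anything outside the enum, and the finder filtering on the result, which is also the behaviour the verification query at the end of this issue checks.

```ruby
# Added example, not GitLab's code. Hypothetical stand-ins for the classes the
# issue names; the sample data below is constructed for the example.
module Sbom
  # Values from step 1 of the plan, in the stored lower-case form.
  PACKAGE_MANAGERS = %w[
    bundler yarn npm maven composer pip conan go nuget sbt gradle pipenv setuptools
  ].freeze

  # Stand-in for Types::Sbom::PackageManagerEnum: GraphQL exposes the upper-case
  # names (BUNDLER, YARN, ...) and the resolver receives the lower-case values.
  module PackageManagerEnum
    def self.coerce(value)
      normalized = value.to_s.downcase
      unless PACKAGE_MANAGERS.include?(normalized)
        raise ArgumentError, "unknown package manager: #{value.inspect}"
      end
      normalized
    end

    def self.coerce_list(values)
      values.map { |v| coerce(v) }.uniq
    end
  end

  Dependency = Struct.new(:name, :version, :packager, keyword_init: true)

  class DependenciesFinder
    # params[:package_managers] is nil (no filter) or a list of enum names.
    def initialize(dependencies, params = {})
      @dependencies = dependencies
      @params = params
    end

    def execute
      filter_by_package_managers(@dependencies)
    end

    private

    def filter_by_package_managers(deps)
      managers = @params[:package_managers]
      return deps if managers.nil?
      # Design choice: an explicit empty list matches nothing, mirroring
      # ActiveRecord's where(packager: []) rather than silently returning all rows.
      return [] if managers.empty?

      allowed = PackageManagerEnum.coerce_list(managers)
      deps.select { |dep| allowed.include?(dep.packager) }
    end
  end

  # Constructed sample data standing in for occurrence rows in the database.
  SAMPLE_DEPENDENCIES = [
    Dependency.new(name: 'rails', version: '7.0.8', packager: 'bundler'),
    Dependency.new(name: 'nokogiri', version: '1.15.4', packager: 'bundler'),
    Dependency.new(name: 'lodash', version: '4.17.21', packager: 'yarn'),
    Dependency.new(name: 'requests', version: '2.31.0', packager: 'pip')
  ].freeze

  # Convenience wrapper: takes the GraphQL-style argument, returns matching names.
  def self.dependency_names(package_managers)
    DependenciesFinder.new(SAMPLE_DEPENDENCIES, package_managers: package_managers)
      .execute
      .map(&:name)
  end
end

if $PROGRAM_NAME == __FILE__
  puts Sbom.dependency_names(%w[BUNDLER]).inspect
  puts Sbom.dependency_names(%w[YARN PIP]).inspect
end
```

Running the file prints the bundler-only and the yarn-plus-pip selections; a value outside the allowlist (for example `CARGO`) raises `ArgumentError` in this sketch, which is the role the GraphQL enum type plays in the real resolver.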

Verification steps

  1. Go to graphql-explorer.
  2. Use the following (or similar) query:
query {
  project(fullPath:"gitlab-org/gitlab"){
    dependencies(packageManagers:[BUNDLER]){
      nodes{
        name
        version
        packager
      }
    }
  }
}

Expect only dependencies whose packager is BUNDLER.

  3. Repeat with YARN and the other enum values.
Edited by Zamir Martins