Add vulnerabilities into sbom_occurrences.

Why are we doing this work

As discussed here, the following is an overview of the plan for adding vulnerabilities into both project and group levels:

• Add vulnerabilities into sbom_occurrences.
• Update sbom_occurrences ingestion in order to fill vulnerabilities.
• Add vulnerabilities as part of graphql dependency_type.
• Update dependency entity to support vulnerabilities for group level controller.
• Update dependencies_table.vue to include vulnerabilities for group level.
• Add support to sorting (two levels) based on the existing dependency list service.
• Add support for filtering based on the existing dependency list service.

note A new FF is recommended for the set of changes proposed above.

Link to the PoC MR to keep this comment self-contained.

Relevant links

Non-functional requirements

• Documentation:
• Feature flag:
• Performance:
• Testing:

Implementation plan

• database Add vulnerabilities into sbom_occurrences.
• backend Add validation on the model layer.

Verification steps