[Backend] SAST location.blobPath stays empty on GraphQL Query

Overview

This issue is intended to fix location.blobPath staying empty in findingReportsComparer type.
The same field is already present in /security_reports?type=sast internal endpoint.
See example: jannik_lehmann/sast-inline-findings-example!2 (search for blob_path)

Implementation Plan

Update location method to merge in blob_path: object['blob_path'] as well.
Update specs (if necessary).
Update graphql documentation, see guidelines.

Example Query

query getMRCodequalityAndSecurityReports {
  project(fullPath: "jannik_lehmann/sast-inline-findings-example") {
    id
    mergeRequest(iid: "2") {
      id
      title
      project {
        nameWithNamespace
        fullPath
      }
      hasSecurityReports
      sastReport: findingReportsComparer(reportType: SAST) {
        status
        report {
          added {
            identifiers {
              externalId
              externalType
              name
              url
            }
            uuid
            title
            location
            description
            state
            severity
            foundByPipelineIid
            location {
              ... on VulnerabilityLocationSast {
                file
                startLine
                endLine
                vulnerableClass
                vulnerableMethod
                blobPath
              }
            }
          }
        }
      }
    }
  }
}

Edited Nov 11, 2023 by Ahmed Hemdan