[SPIKE] Determine how to decouple sbom services from `vulnerability_finding_pipelines`

Background Context

As part of the epic to Delete `vulnerability_occurrence_pipelines` table (&11241 - closed) • Michael Becker • On track, we needed to migrate two SBOM-related services off of using pipeline.vulnerability_findings (as that relation utilizes the table we want to delete)
We did this in !147504 (merged) by replacing the pipeline.vulnerability_findings call with project.vulnerability_findings
Going through the project caused a performance regression
we reverted the changes in Resolve query performance regression on SBOM re... (!149823 - merged) • Michael Becker • 17.0

Edited Jul 16, 2024 by Michael Becker