
Spike: Investigate replacing or integrating Repository X-Ray with dependency scanning from Composition Analysis

Context

As discussed in #467357 (comment 2004198368), the Composition Analysis group has a feature that runs dependency scanning and produces SBOMs. We could potentially use this feature in place of, or integrated with, Repository X-Ray to improve Code Suggestions. This could resolve the issues we have with running X-Ray as a CI job in a pipeline (#467357 (closed)).

Proposal

Investigate the possibility of replacing or integrating Repository X-Ray with the dependency scanning feature from the Composition Analysis group.

Considerations

  • Dependency scanning capabilities are only in Ultimate. We'd need to enable dependency scanning for customers with Duo Pro or Enterprise licenses.
  • See #467357 (comment 2004198368).

Outcomes

Please see #474306 (comment 2025085630). We decided to move the X-Ray functionality to the GitLab monolith.

Edited by Leaminn Ma