Some projects with vulnerabilities does not have `project_settings.has_vulnerabilities` true

Summary

To identify which projects have vulnerabilities, we store a boolean column called has_vulnerabilities in the project_settings table. When this column is true it means that there are vulnerability records associated with that project.

While checking something kinda related, I noticed that there are some projects with vulnerabilities which has this column set as false. This is a big issue because we use this information to filter projects with vulnerabilities on GraphQL API and also use this information to run migrations for projects with vulnerabilities.

What is the current bug behavior?

There are some projects with inconsistent data.

What is the expected correct behavior?

When a project has associated vulnerabilities, the related project_settings records must have the has_vulnerabilities column as true.

Output of checks

This bug happens on GitLab.com

Possible fixes

We need to understand why there is this inconsistency and need to run a migration to fix all those values.