Enable AI-resolve for findings without vulnerabilities

We currently depend on the finding to have a vulnerability attached for the following reasons:

1. Display logic: We depend on PipelineSecurityReportFinding.vulnerability.aiResolutionEnabled (and PipelineSecurityReportFinding.vulnerability.aiResolutionAvailable) to determine if the "Resolve with AI" button should be rendered
2. AI-Resolution mutation: We need PipelineSecurityReportFinding.vulnerability.id as the resourceId for the aiAction mutation that triggers the resolving of the finding

The problem is that a PipelineSecurityReportFinding does not have a Vulnerability per default. As a matter of fact, in most cases it does not. Only when, for example, when an issue got attached or a state change occurred.

That means for many findings, the AI-resolution is currently not supported.