GlobalAdvisoryScanWorker fails for SBOM occurrences without project

Summary

We have observed a high failure rate for the PackageMetadata::GlobalAdvisoryScanWorker Sidekiq jobs.

  • Error ratio on Grafana: https://dashboards.gitlab.net/d/sidekiq-worker-detail/sidekiq3a-worker-detail?from=2025-05-05T08:26:45.931Z&to=2025-05-05T20:26:45.931Z&var-environment=gprd&var-stage=main&var-worker=PackageMetadata::GlobalAdvisoryScanWorker&timezone=utc&orgId=1&var-PROMETHEUS_DS=mimir-gitlab-gprd&viewPanel=panel-2383655193
  • Kibana logs: https://log.gprd.gitlab.net/app/r/s/lCEPN
  • Sentry error: https://new-sentry.gitlab.net/organizations/gitlab/issues/1520831/?project=3&query=is%3Aunresolved+GlobalAdvisoryScanWorker&referrer=issue-stream&statsPeriod=14d&stream_index=0

Steps to reproduce

Example Project

What is the current bug behavior?

What is the expected correct behavior?

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:check SANITIZE=true`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)

(we will only investigate if the tests are passing)

Possible fixes
