Create sbom_occurrence_refs join table

In order to begin associating dependencies with refs, we want a table that allows us to join the data between tracked refs and sbom_occurrence.

Unlike vulnerability_occurrences, sbom_occurrences do not change substantially between refs, so allowing for a N:N relationship between refs and sbom_occurrences allows us to minimize duplication.

The desired table definition is as follows:

CREATE TABLE sbom_occurrence_refs (
  id bigint NOT NULL,
  sbom_occurrence_id bigint NOT NULL,
  security_projects_tracked_context_id bigint NOT NULL,
  commit_sha bytea NOT NULL,
  pipeline_id bigint
);

This table will later hold the commit_sha and pipeline_id values that currently exist on sbom_occurrences, as these are the only 2 attributes on the occurrences table that will change with each branch context.