Ignore risk score related columns from vulnerability_statistics and vulnerability_namespace_statistics tables before removal

The previous implementation plan for vulnerability risk scoring was based on storing aggregated metrics at the project and group levels to provide statistical data for vulnerability management. This approach included storing calculated metrics in dedicated statistics tables:

Previous Implementation in Statistics Tables

vulnerability_namespace_statistics table (for groups):

  • age_average - Average age of vulnerabilities in the group
  • age_standard_deviation - Standard deviation of vulnerability ages
  • risk_score - Aggregated risk score for the group

vulnerability_statistics table (for projects):

  • age_mean - Mean age of vulnerabilities in the project
  • age_sum_of_squares - Sum of squares for age calculations
  • risk_score - Aggregated risk score for the project

Implementation Change

The implementation approach has evolved, and these pre-calculated statistical columns are no longer needed. The current implementation now:

  1. Stores individual risk scores in the vulnerability_finding_risk_scores table per finding
  2. Calculates aggregations on-demand rather than pre-computing and storing them
  3. Uses Elasticsearch for efficient filtering and aggregation of vulnerability data
  4. Provides real-time calculations instead of potentially stale cached statistics

Required Changes

Before removing the columns, we have to set them as ignored.

Edited by Schmil Monderer