Ensure we sort all vulnerabilities by Severity then Confidence

Description

To help users triage vulnerabilities more efficiently, we need to sort them by Severity and then by Confidence wherever the report provides both.

Proposal

As Security Reports are generated in different ways the implementation will vary:

  • SAST: implement the sort in the sast project and also in the common library (for standalone usage)
  • Dependency Scanning: implement the sort in the dependency scanning project
  • Container Scanning: implement the sort in the front end until we have our own intermediate layer. NB: There is no Confidence property provided by Container Scanning, we'll sort on Severity only.
  • DAST: implement the sort in the front end until we have our own intermediate layer
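
The ordering described above, as an added example that is not GitLab's own code: a comparator that ranks by Severity first and Confidence second, with a missing Confidence (the Container Scanning case) treated like Unknown so that such findings still fall into a consistent position and, among themselves, sort on Severity only. The rank tables and the decision to map an absent Confidence to Unknown are assumptions made for this example, not the project's canonical order; the sample findings are constructed.

```javascript
// Added example, not GitLab code. Sort security findings by Severity
// (highest first), then by Confidence (highest first).
//
// Rank tables are an assumption for this example: lower number = sorts first.
const SEVERITY_RANK = {
  critical: 0, high: 1, medium: 2, low: 3, info: 4, unknown: 5,
};
const CONFIDENCE_RANK = {
  confirmed: 0, high: 1, medium: 2, low: 3, experimental: 4, unknown: 5, ignore: 6,
};

// Look up a rank case-insensitively. Absent or unrecognised values map to
// "unknown", so a report without a Confidence property (Container Scanning)
// still gets a consistent, transitive ordering instead of a comparator that
// returns 0 for mixed pairs.
function rank(table, value) {
  if (value === undefined || value === null) return table.unknown;
  const key = String(value).trim().toLowerCase();
  return Object.prototype.hasOwnProperty.call(table, key) ? table[key] : table.unknown;
}

// Comparator for Array.prototype.sort: severity first, then confidence.
// Returning 0 for equal pairs keeps input order (sort is stable in ES2019+),
// which is what we want for findings that tie on both fields.
function compareVulnerabilities(a, b) {
  const bySeverity = rank(SEVERITY_RANK, a.severity) - rank(SEVERITY_RANK, b.severity);
  if (bySeverity !== 0) return bySeverity;
  return rank(CONFIDENCE_RANK, a.confidence) - rank(CONFIDENCE_RANK, b.confidence);
}

// Returns a new sorted array; the input list is not mutated.
function sortVulnerabilities(vulnerabilities) {
  return [...vulnerabilities].sort(compareVulnerabilities);
}

// Constructed sample: a mix of SAST-style findings (with Confidence) and
// Container-Scanning-style findings (without). Names are arbitrary labels.
const SAMPLE_FINDINGS = [
  { name: 'a', severity: 'Low', confidence: 'High' },
  { name: 'b', severity: 'High', confidence: 'Low' },
  { name: 'c', severity: 'High', confidence: 'Confirmed' },
  { name: 'd', severity: 'Critical' },              // no Confidence property
  { name: 'e', severity: 'High', confidence: 'Medium' },
  { name: 'f', severity: 'Medium', confidence: 'Unknown' },
  { name: 'g', severity: 'Critical' },              // no Confidence property
  { name: 'h' },                                    // neither field present
];

// Convenience for checking the result: the ordered list of names.
function sortedNames(findings) {
  return sortVulnerabilities(findings).map((v) => v.name);
}

console.log(sortedNames(SAMPLE_FINDINGS).join(' '));
```

Note that `d` and `g` keep their input order relative to each other: both are Critical and both lack Confidence, so they tie and the stable sort preserves the report's order, which is the "Severity only" behaviour the Container Scanning bullet asks for. A finding with no Severity at all (`h`) lands last rather than being treated as Critical, which is the failure mode you get if a missing value is allowed to coerce to 0 in the subtraction.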

Implementation Plan

  • Sort all vulnerabilities by Severity then Confidence for dashboard and Pipeline views #34114 (closed)
  • Sort all vulnerabilities by Severity then Confidence for MR widget #34115 (closed)
Edited Oct 15, 2019 by Olivier Gonzalez