
Allow dependencies to be fetched from the database

Brian Williams requested to merge bwill/dependencies-from-db into master

What does this MR do and why?


Historically, DependenciesController has served dependencies by parsing JSON job artifacts. In &8024 (closed), we laid the foundational groundwork to persist representations of these artifacts to the database so that they could be queried instead. This change adds the initial implementation to have DependenciesController return data from the database instead.

If no SBoM reports are available, then we will fall back to the old behavior instead.

There is more work to be done before we can achieve 1:1 parity with the existing functionality. The following will be handled via follow-up MRs:

  1. Adding filtering
  2. Adding sorting
  3. Returning license data
  4. Returning vulnerability data
  5. Doing the same for the Dependencies API

How to set up and validate locally


  1. Ensure that you have an EE license

  2. Set up GitLab Runner

  3. Create a new project from a template, use the NodeJS/Express template.

  4. Create a .gitlab-ci.yml file with this configuration:

    include:
      - template: Security/Dependency-Scanning.gitlab-ci.yml

  5. If a pipeline did not start automatically, trigger one manually by going to CI/CD -> Pipelines.

  6. Verify that the gemnasium-dependency_scanning job outputs a gl-sbom-npm-npm.cdx.json artifact.

  7. Go to <instance_url>/group/project/-/dependencies.json. This is the existing behavior.

  8. Enable the feature flag using the rails console: Feature.enable(:sbom_dependency_data)

  9. Reload dependencies.json. The results should be the same, but vulnerabilities and licenses will be empty.
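Step 9 asks the reviewer to confirm that the database-backed response matches the legacy artifact-backed one, with only vulnerabilities and licenses empty. The following Ruby script is an added example for doing that comparison, not code from this MR or from GitLab. It assumes the dependencies.json shape shown in the two constructed samples (a top-level "dependencies" array of objects with name, packager, version, location, vulnerabilities and licenses); that shape and the sample values are assumptions, not taken from the MR. Differences in the two fields this MR is known to leave empty are reported separately from real regressions, and ordering is ignored because sorting is a follow-up.

```ruby
# Added example (not part of the MR): parity check for step 9.
# Compares a legacy dependencies.json payload (artifact-backed, step 7) with the
# database-backed payload served behind the sbom_dependency_data flag (step 9).
# The payload shape below is an assumption about the endpoint, not taken from the MR.
require 'json'

# Constructed sample: legacy response, with populated vulnerabilities/licenses.
LEGACY_JSON = <<~JSON
  {
    "report": {"status": "ok"},
    "dependencies": [
      {"name": "express", "packager": "npm", "version": "4.18.2",
       "location": {"path": "package-lock.json"},
       "vulnerabilities": [{"name": "constructed-finding", "severity": "medium"}],
       "licenses": [{"name": "MIT"}]},
      {"name": "body-parser", "packager": "npm", "version": "1.20.1",
       "location": {"path": "package-lock.json"},
       "vulnerabilities": [], "licenses": [{"name": "MIT"}]}
    ]
  }
JSON

# Constructed sample: database-backed response, same packages, different order,
# vulnerabilities and licenses not yet populated.
DB_JSON = <<~JSON
  {
    "report": {"status": "ok"},
    "dependencies": [
      {"name": "body-parser", "packager": "npm", "version": "1.20.1",
       "location": {"path": "package-lock.json"},
       "vulnerabilities": [], "licenses": []},
      {"name": "express", "packager": "npm", "version": "4.18.2",
       "location": {"path": "package-lock.json"},
       "vulnerabilities": [], "licenses": []}
    ]
  }
JSON

# Fields this MR is expected to leave empty until the follow-up MRs land.
EXPECTED_EMPTY = %w[vulnerabilities licenses].freeze

# Index each dependency by the fields that identify it so that ordering
# differences (sorting is a follow-up) are not counted as regressions.
def index_dependencies(payload)
  JSON.parse(payload).fetch('dependencies').each_with_object({}) do |dep, acc|
    key = [dep['name'], dep['packager'], dep['version'], dep.dig('location', 'path')]
    acc[key] = dep
  end
end

# Returns :missing (in legacy only), :extra (in db only), :changed (a field
# differs for a real reason) and :not_yet_populated (a known-empty field).
def compare_dependency_payloads(legacy_json, db_json)
  legacy = index_dependencies(legacy_json)
  db = index_dependencies(db_json)
  result = { missing: legacy.keys - db.keys, extra: db.keys - legacy.keys,
             changed: [], not_yet_populated: [] }
  (legacy.keys & db.keys).each do |key|
    l, d = legacy[key], db[key]
    (l.keys | d.keys).each do |field|
      next if l[field] == d[field]
      if EXPECTED_EMPTY.include?(field) && Array(d[field]).empty?
        result[:not_yet_populated] << [key, field]
      else
        result[:changed] << [key, field, l[field], d[field]]
      end
    end
  end
  result
end

# Parity for this MR means no dependency is missing, extra, or changed;
# known-empty fields are allowed to differ.
def parity?(result)
  result[:missing].empty? && result[:extra].empty? && result[:changed].empty?
end

if __FILE__ == $PROGRAM_NAME
  r = compare_dependency_payloads(LEGACY_JSON, DB_JSON)
  puts(parity?(r) ? 'parity OK' : "regression: #{r.inspect}")
  puts "fields still empty in DB path: #{r[:not_yet_populated].inspect}"
end
```

To use it against a real instance, replace the two constants with the bodies fetched in steps 7 and 9; anything reported under :missing, :extra or :changed is a regression the MR should not introduce, while :not_yet_populated lists exactly the gaps the follow-up MRs are expected to close.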

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Brian Williams
