Don't show Security::Findings dismissed on the default branch
What does this MR do and why?
This MR adjusts lib/gitlab/ci/reports/security/vulnerability_reports_comparer.rb so that it hides Vulnerabilities that are present on the default branch and have been dismissed.
Database review
We're introducing a new query:
SELECT "vulnerability_occurrences"."uuid"
FROM "vulnerability_occurrences"
JOIN vulnerabilities
ON vulnerability_occurrences.vulnerability_id = vulnerabilities.id
AND vulnerabilities.state = 2
AND vulnerabilities.present_on_default_branch = true
WHERE "vulnerability_occurrences"."uuid" IN ('5061fba7-f596-4f9e-a432-ff19db206633', '059c29a2-0499-4e2b-8009-432226844fa3');
Cold cache plan: https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/16564/commands/56694
Warm cache plan: https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/16564/commands/56695
This query seems to struggle performance-wise when large batches of unexpected UUIDs are passed, so we've limited the query to 100 UUIDs per execution. However, a vulnerability report could have thousands of UUIDs to query, so this may rapidly become infeasible. As a result we've placed this feature behind the filter_vulnerability_findings_dismissed_on_default feature flag so that we can easily flip it on and off in the event that it's simply not reasonable to execute, in which case we won't be able to fix this issue without a more significant rewrite of the vulnerability behaviour.
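To make the batching and flag gating concrete, here is an added example (not GitLab's own code): in-memory rows stand in for the vulnerability_occurrences and vulnerabilities tables, a lookup models the query above (state = 2 and present_on_default_branch = true, as on the page), and the comparer-style filter queries at most 100 UUIDs per call and becomes a no-op when the flag is off.

```ruby
require 'set'

BATCH_SIZE = 100     # the per-query UUID limit described in the MR
DISMISSED_STATE = 2  # the page's query joins on vulnerabilities.state = 2

# Constructed sample rows standing in for the two tables.
VULNERABILITIES = {
  1 => { state: DISMISSED_STATE, present_on_default_branch: true },
  2 => { state: DISMISSED_STATE, present_on_default_branch: false },
  3 => { state: 1, present_on_default_branch: true }
}.freeze

OCCURRENCES = [
  { uuid: 'uuid-a', vulnerability_id: 1 },
  { uuid: 'uuid-b', vulnerability_id: 2 },
  { uuid: 'uuid-c', vulnerability_id: 3 },
  { uuid: 'uuid-d', vulnerability_id: nil } # finding with no vulnerability row yet
].freeze

# Models the SQL on the page: of the given UUIDs, return those whose
# vulnerability is dismissed AND present on the default branch.
def dismissed_on_default_uuids(uuids, occurrences: OCCURRENCES, vulnerabilities: VULNERABILITIES)
  wanted = uuids.to_set
  occurrences.select { |o| wanted.include?(o[:uuid]) }
             .select do |o|
               v = vulnerabilities[o[:vulnerability_id]]
               v && v[:state] == DISMISSED_STATE && v[:present_on_default_branch]
             end
             .map { |o| o[:uuid] }
end

# Hides dismissed-on-default findings (each a hash with :uuid), issuing the
# lookup in slices of +batch_size+ UUIDs. With the feature flag off the
# findings are returned unchanged, mirroring the MR's kill switch.
def filter_dismissed_on_default(findings, flag_enabled:, batch_size: BATCH_SIZE, &lookup)
  return findings unless flag_enabled

  lookup ||= method(:dismissed_on_default_uuids)
  hidden = Set.new
  findings.map { |f| f[:uuid] }.each_slice(batch_size) { |batch| hidden.merge(lookup.call(batch)) }
  findings.reject { |f| hidden.include?(f[:uuid]) }
end
```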
Evidence of functioning metric collection
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #390198 (closed)
