Add Dependency list to Explore page

What does this MR do and why?

This MR contains a spike implementation of a global dependency list that is available under /explore/dependencies. This initial version of the Dependency list is gated behind a feature flag and only available to instance admins. It requires membership to the default organization and removes features such as exporting, filtering, sorting, grouping, and advanced pagination.

• #438729 (closed)

SELECT 
  "sbom_occurrences"."id",
  "sbom_occurrences"."created_at",
  "sbom_occurrences"."updated_at",
  "sbom_occurrences"."component_version_id",
  "sbom_occurrences"."project_id",
  "sbom_occurrences"."pipeline_id",
  "sbom_occurrences"."source_id",
  "sbom_occurrences"."commit_sha",
  "sbom_occurrences"."component_id",
  "sbom_occurrences"."uuid",
  "sbom_occurrences"."package_manager",
  "sbom_occurrences"."component_name",
  "sbom_occurrences"."input_file_path",
  "sbom_occurrences"."licenses",
  "sbom_occurrences"."highest_severity",
  "sbom_occurrences"."vulnerability_count",
  "sbom_occurrences"."source_package_id"
FROM "sbom_occurrences"
INNER JOIN "projects" ON "sbom_occurrences"."project_id" = "projects"."id"
WHERE "projects"."organization_id" = 1 
ORDER BY "sbom_occurrences"."id" ASC
LIMIT 20
OFFSET 0;

Time: 25.281 ms
  - planning: 7.076 ms
  - execution: 18.205 ms
    - I/O read: 17.753 ms
    - I/O write: 0.000 ms

Shared buffers:
  - hits: 82 (~656.00 KiB) from the buffer pool
  - reads: 14 (~112.00 KiB) from the OS file cache, including disk I/O
  - dirtied: 0
  - writes: 0

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/25779/commands/81260

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

How to set up and validate locally

1. Enable explore_dependencies feature flag. Feature.enable(:explore_dependencies)
2. Log in as an instance admin.
3. Ensure membership in the default organization. ::Organizations::OrganizationUser.create_default_organization_record_for(1, user_is_admin: true)
4. Open http://gdk.test:3000/explore/dependencies

added backend groupauthorization labels

assigned to @mokhax

added devopsgovern sectionsec labels

added frontend label

	3 Warnings
	This merge request is quite big (755 lines changed), please consider splitting it into multiple merge requests.
	8df2137e: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.
	featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart. For more information, see: The Handbook page on merge request types. The definition of done documentation.

	1 Message
	CHANGELOG missing: If this merge request needs a changelog entry, add the Changelog trailer to the commit message you want to add to the changelog. If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

Reviewer roulette

Category	Reviewer	Maintainer
backend	@robyrne (UTC+0, 7 hours ahead of author)	@alexpooley (UTC+8, 15 hours ahead of author)
database	@dstull (UTC-5, 2 hours ahead of author)	@dfrazao-gitlab (UTC+1, 8 hours ahead of author)
frontend	@elwyn-gitlab (UTC+13, 20 hours ahead of author)	@blabuschagne (UTC+1, 8 hours ahead of author)
~"Authorization"	Reviewer review is optional for ~"Authorization"	@hmehra (UTC+11, 18 hours ahead of author)

Please check reviewer's status!

• Reviewer is available!
• Reviewer is unavailable!

Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

Proper labels assigned to this merge request. Please ignore me.

@mokhax - please see the following guidance and update this merge request.

	1 Error
	Please add typebug typefeature, or typemaintenance label to this merge request.

E2E Test Result Summary

allure-report-publisher generated test report!

e2e-test-on-gdk: test report for 5d0b87e3

expand test summary

+------------------------------------------------------------------+
|                          suites summary                          |
+-------------+--------+--------+---------+-------+-------+--------+
|             | passed | failed | skipped | flaky | total | result |
+-------------+--------+--------+---------+-------+-------+--------+
| Create      | 8      | 0      | 3       | 0     | 11    | ✅     |
| Govern      | 65     | 0      | 1       | 0     | 66    | ✅     |
| Plan        | 4      | 0      | 0       | 0     | 4     | ✅     |
| Data Stores | 2      | 0      | 0       | 0     | 2     | ✅     |
| Monitor     | 4      | 0      | 0       | 0     | 4     | ✅     |
| Package     | 0      | 0      | 1       | 0     | 1     | ➖     |
+-------------+--------+--------+---------+-------+-------+--------+
| Total       | 83     | 0      | 5       | 0     | 88    | ✅     |
+-------------+--------+--------+---------+-------+-------+--------+

e2e-package-and-test: test report for 5d0b87e3

expand test summary

+------------------------------------------------------------------+
|                          suites summary                          |
+-------------+--------+--------+---------+-------+-------+--------+
|             | passed | failed | skipped | flaky | total | result |
+-------------+--------+--------+---------+-------+-------+--------+
| Govern      | 166    | 0      | 14      | 2     | 180   | ✅     |
| Create      | 16     | 0      | 6       | 0     | 22    | ✅     |
| Plan        | 8      | 0      | 0       | 0     | 8     | ✅     |
| Data Stores | 4      | 0      | 0       | 0     | 4     | ✅     |
| Monitor     | 8      | 0      | 0       | 0     | 8     | ✅     |
| Package     | 0      | 0      | 2       | 0     | 2     | ➖     |
+-------------+--------+--------+---------+-------+-------+--------+
| Total       | 202    | 0      | 22      | 2     | 224   | ✅     |
+-------------+--------+--------+---------+-------+-------+--------+

e2e-review-qa: test report for 5d0b87e3

expand test summary

+-------------------------------------------------------------+
|                       suites summary                        |
+--------+--------+--------+---------+-------+-------+--------+
|        | passed | failed | skipped | flaky | total | result |
+--------+--------+--------+---------+-------+-------+--------+
| Govern | 3      | 0      | 0       | 0     | 3     | ✅     |
+--------+--------+--------+---------+-------+-------+--------+
| Total  | 3      | 0      | 0       | 0     | 3     | ✅     |
+--------+--------+--------+---------+-------+-------+--------+

added 3 commits

• 068c19a1 - Bootstrap the dependencies app
• ce440aec - Load SBOM occurrences through the default organization
• f4d2d979 - Undo accidental change

Compare with previous version

changed the description

Bundle size analysis [beta]

This compares changes in bundle size for entry points between the commits 13e55430 and 5d0b87e3

Special assets

Entrypoint / Name	Size before	Size after	Diff	Diff in percent
average	4.14 MB	4.13 MB	-	-0.0 %
mainChunk	3.13 MB	3.13 MB	-	0.0 %

New entry points: 1

Expand

Entrypoint / Name	Size before	Size after	Diff	Diff in percent
pages.explore.dependencies	0 Bytes	559.58 KB	+559.58 KB	100.0 %

---

Note: We do not have exact data for 13e55430. So we have used data from: ae1f8767.
The target commit was too new, so we used the latest commit from master we have info on.
It might help to rerun the bundle-size-review job
This might mean that you have a few false positives in this report. If something unrelated to your code changes is reported, you can check this comparison in order to see if they caused this change.

Please look at the full report for more details

---

Read more about how this report works.

Generated by Danger

added 1 commit

• 19f2348e - Rename NAMESPACE_EXPLORE TO NAMESPACE_ORGANIZATION

Compare with previous version

mentioned in issue #432264 (closed)

mentioned in issue #438729 (closed)

mentioned in issue #438743 (closed)

mentioned in epic &12460

changed the description

added 250 commits

• 19f2348e...4bd3b171 - 244 commits from branch master
• 741f0ac6 - Scaffold out explore/dependencies
• 0654d495 - Bootstrap the dependencies app
• 212f51bf - Load SBOM occurrences through the default organization
• 0aa12dd0 - Undo accidental change
• 69637f95 - Rename NAMESPACE_EXPLORE TO NAMESPACE_ORGANIZATION
• 09075ce0 - Restrict access to /explore/dependencies to self managed

Compare with previous version

added 228 commits

• 09075ce0...c4eb4dba - 221 commits from branch master
• f4e3b5a0 - Scaffold out explore/dependencies
• 93926a0a - Bootstrap the dependencies app
• 9842e442 - Load SBOM occurrences through the default organization
• c98221c9 - Undo accidental change
• 5fafbaf7 - Rename NAMESPACE_EXPLORE TO NAMESPACE_ORGANIZATION
• c2a693e4 - Restrict access to /explore/dependencies to self managed
• 68e19d02 - Move explore/dependencies menu to /ee

Compare with previous version