Move SAST reports logic for the Merge Request widget to the backend - frontend part

What does this MR do?

This moves the reports logic from the frontend to the backend for SAST reports in on an MR. It's behind the feature flag sastMergeRequestReportApi which is currently disabled.

Once the feature flag is enabled, the user will see no changes. We generate the same report, just in the backend instead of the frontend. This should improve performance, load times, and code reuse.

If you need it, here's an explainer video (just replace all mentions of container scanning with sast): https://youtu.be/WzgsWDcvmes

This is basically the same MR as !15226 (merged), !15406 (merged), and !15403 (merged) just for a different report type. The main difference being that SAS is in its own module so it it handled slightly differently, but the principal is the same.

Does this MR meet the acceptance criteria?

Conformity

• [-] Changelog entry
• [-] Documentation created/updated or follow-up review issue created
• Code review guidelines
• Merge request performance guidelines
• Style guides
• [-] Database guides
• [-] Separation of EE specific content

Performance and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• Tested in all supported browsers

Closes #13647 (closed)