Extend GraphQL dependency type

What does this MR do and why?

This MR exposes new fields to our existing GraphQL endpoints, so it can be used to for our filtered dependency page. Currently the pages are using REST and we want to migrate over to GraphQL. Issue: Migrate dependency filtering to GraphQL (#513524 - closed)

Ex:

• Project: https://gitlab.com/gitlab-org/govern/threat-insights-demos/frontend/security-reports/-/dependencies
• Group: https://gitlab.com/groups/gitlab-examples/security/-/dependencies

Project	Group

New fields added:

# Dependency Type
vulnerability_count

# License
url
spdx_identifier

# Location type
top_level

Note: In order to migrate the dependency page to from REST to GraphQL, it still requires some additional fields. Those will be worked on in another MR, as those fields require a bit more effort. More info in the issue: Migrate dependency filtering to GraphQL (#513524 - closed)

occurrence_count: string
project_count: string
component_id: string

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before	After

How to set up and validate locally

1. Open the GraphQL Explorer
2. Paste the query and it should display the results

Group	Project

Group

query groupDependencies {
  group(fullPath: "secure-ex") {
     dependencies {
      nodes {
        id
        name
        licenses {
          name
          url
          spdxIdentifier
        }
        packager
        version
        vulnerabilityCount
      }
    }
  }
}

Project

query projectDependencies {
  project(fullPath: "secure-ex/security-reports") {
     dependencies {
      nodes {
        id
        name
        licenses {
          name
          url
          spdxIdentifier
        }
        packager
        version
        vulnerabilityCount
        location {
          path
          blobPath
          topLevel
          ancestors
        }
      }
    }
  }
}

Related to #513524 (closed)