
API endpoint to get related Issues of a Vulnerability

What does this MR do?

This MR adds the API endpoint that returns the list of Issues related to a Vulnerability. It is part of the "create Issues associated with Vulnerabilities" functionality, which in turn is part of the backstage implementation for Standalone Vulnerabilities.

The UX idea behind this feature is to link Issues and Vulnerabilities in the same way the Related Issues functionality links Issues to each other. Vulnerabilities will gain the ability to have Issues related to them.

There is one special kind of related Issue for a Vulnerability - an issue that was created directly from a Vulnerability to remediate it. From the primary user flow designs:

Related issues: If a user creates an issue from the vulnerability, it will automatically be added to this section. Additionally, a user may add as many related issues as they desire using the add issue + button in this area.

  • Caveat: Only issues added as related manually can be removed from this section. The issue created from the vulnerability cannot be removed.

To support this, the link_type column of the vulnerability_issue_links table is used. When serialized for the API, it becomes the vulnerability_link_type string enum attribute. It indicates whether the link represents an Issue created from the Vulnerability or an Issue that was manually marked as related to it. More link types may be added later.
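The following is an added example, not GitLab's code, that models the behaviour described above in framework-free Ruby: an integer link_type column exposed as the vulnerability_link_type string enum in API output, plus the removal rule from the design caveat (a link created from the vulnerability cannot be removed) enforced server-side rather than only hidden in the UI. The integer values, class names, error classes and sample rows are assumptions for illustration.

```ruby
# Added example (not GitLab's code): a minimal model of a vulnerability_issue_links
# row, its API serialization, and the "created-from-vulnerability links cannot be
# removed" rule enforced at the API/service layer, not just in the UI.
class VulnerabilityIssueLink
  # Assumed integer mapping for the link_type column; the real values may differ.
  LINK_TYPES = { created: 1, related: 2 }.freeze

  class UndeletableLinkError < StandardError; end
  class UnknownLinkTypeError < StandardError; end

  attr_reader :id, :vulnerability_id, :issue_id, :link_type

  def initialize(id:, vulnerability_id:, issue_id:, link_type:)
    # Reject values outside the enum so an unknown integer never reaches the API.
    raise UnknownLinkTypeError, link_type.inspect unless LINK_TYPES.value?(link_type)

    @id = id
    @vulnerability_id = vulnerability_id
    @issue_id = issue_id
    @link_type = link_type
  end

  # Enum member name as it appears in API responses ("created" / "related").
  def vulnerability_link_type
    LINK_TYPES.key(link_type).to_s
  end

  def created_from_vulnerability?
    link_type == LINK_TYPES[:created]
  end

  # Hash shape for the "related issues of a vulnerability" endpoint (assumed).
  def as_api_entity
    {
      'id' => id,
      'issue_id' => issue_id,
      'vulnerability_id' => vulnerability_id,
      'vulnerability_link_type' => vulnerability_link_type
    }
  end
end

# In-memory stand-in for the table, keyed by vulnerability id.
class VulnerabilityIssueLinkStore
  def initialize
    @links = {}
  end

  def add(link)
    (@links[link.vulnerability_id] ||= []) << link
    link
  end

  # Equivalent of the GET endpoint: serialize every link for the vulnerability.
  def related_issues(vulnerability_id)
    (@links[vulnerability_id] || []).map(&:as_api_entity)
  end

  # Equivalent of a DELETE on a link. Returns false when the link does not exist,
  # raises when the link was created from the vulnerability, true when removed.
  def remove(vulnerability_id, link_id)
    links = @links[vulnerability_id] || []
    link = links.find { |l| l.id == link_id }
    return false unless link

    if link.created_from_vulnerability?
      raise VulnerabilityIssueLink::UndeletableLinkError,
            "link #{link_id} was created from the vulnerability and cannot be removed"
    end

    links.delete(link)
    true
  end
end

# Constructed sample data: one link created from the vulnerability, one added manually.
def sample_store
  store = VulnerabilityIssueLinkStore.new
  store.add(VulnerabilityIssueLink.new(id: 1, vulnerability_id: 10, issue_id: 100, link_type: 1))
  store.add(VulnerabilityIssueLink.new(id: 2, vulnerability_id: 10, issue_id: 101, link_type: 2))
  store
end
```

The point of keeping the check in the store rather than in a view is that an API client can call the delete route directly; a UI that merely omits the remove button for the created link does not protect the invariant.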

WARNING: the commit with the DB schema changes and models is included in this MR to speed up and parallelize the development of the different steps of (#34564 (closed)), since DB changes usually take a bit longer to review. The DB and model changes are being reviewed in a separate merge request and can be skipped here.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Dmytro Zaporozhets (DZ)
