Add dependency to location, generate compare key & message for DS

Changes to the issue package required for Dependency Scanning:

• add dependency name & version to Location
• generate compare key automatically when this is a DS vulnerability
• introduce DependencyScanningVulnerability to customer JSON encoding
• extract SASTVulnerability

It introduces a breaking change since SAST analyzers have to use SASTVulnerability in order to have the deprecated fields in the JSON output.

Issues:

• https://gitlab.com/gitlab-org/gitlab-ee/issues/8654
• https://gitlab.com/gitlab-org/gitlab-ee/issues/8656