
fix: Suppress highFP rules by default

Lucas Charles requested to merge resuppress-detect-object-injection into main

What does this MR do?

Fixes 2 recent regressions that re-enabled eslint.detect-object-injection:

  1. When we bumped the semgrep MAJOR version, we incorrectly cleaned up the conditional that caused eslint.detect-object-injection to be re-included by default. The conditional should have defaulted to true instead of being removed.
  2. With the merge of pulling in eslint sast-rules, the removal logic broke since we deserialize from the raw semgrep rules. Previously this was detect-object-injection but now includes a trailing -1.

The simplest fix would be updating the mapping to include -1; however, we should remove the rule entirely given the serialization can be messy and mutate the results, see !266 (comment 1391004186) and gitlab-org/security-products/sast-rules!150 (merged).

What are the relevant issue numbers?

Addresses gitlab-org/gitlab#411469 (closed)

Testing

Using https://gitlab.com/gitlab-gold/cmutua-security-group/typescript-fp.git

❯ docker run -it --rm -e SAST_EXPERIMENTAL_FEATURES=true -v $PWD:/tmp/app -w /tmp/app registry.gitlab.com/security-products/semgrep:4 /analyzer run
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
[INFO] [Semgrep] [2023-05-15T17:05:27Z] ▶ GitLab Semgrep analyzer v4.2.1
[INFO] [Semgrep] [2023-05-15T17:05:27Z] ▶ Detecting project
[INFO] [Semgrep] [2023-05-15T17:05:27Z] ▶ Analyzer will attempt to analyze all projects in the repository
[INFO] [Semgrep] [2023-05-15T17:05:27Z] ▶ Running analyzer
[INFO] [Semgrep] [2023-05-15T17:05:33Z] ▶ Creating report
❯ cat gl-sast-report.json | jq '.vulnerabilities | first | .identifiers | first'
{
  "type": "semgrep_id",
  "name": "eslint.detect-object-injection",
  "value": "eslint.detect-object-injection",
  "url": "https://semgrep.dev/r/gitlab.eslint.detect-object-injection"
}
❯ docker run -it --rm -e SAST_EXPERIMENTAL_FEATURES=true -v $PWD:/tmp/app -w /tmp/app semgrep:resuppress-detect-object-injection /analyzer run
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
[INFO] [Semgrep] [2023-05-15T17:04:56Z] ▶ GitLab Semgrep analyzer v4.2.1
[INFO] [Semgrep] [2023-05-15T17:04:56Z] ▶ Detecting project
[INFO] [Semgrep] [2023-05-15T17:04:56Z] ▶ Analyzer will attempt to analyze all projects in the repository
[INFO] [Semgrep] [2023-05-15T17:04:56Z] ▶ Running analyzer
[INFO] [Semgrep] [2023-05-15T17:05:02Z] ▶ Creating report

❯ cat gl-sast-report.json | jq '.vulnerabilities | first | .identifiers | first'
null

Does this MR meet the acceptance criteria?
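The rule-ID mismatch described in point 2 of the MR, as an added example that is not part of the MR or the analyzer's own code: a finding filter that compares rule IDs on their base form, so an exact-match lookup for `eslint.detect-object-injection` no longer misses the `eslint.detect-object-injection-1` spelling, with the suppression switch defaulting to on as point 1 calls for. The `Finding` type, the `highFPRules` set, the `SuppressHighFP`/`IsSuppressed`/`FilterFindings` functions and the sample findings are all constructed for illustration and are not the analyzer's real names or configuration.

```go
package main

import (
	"fmt"
	"regexp"
)

// Finding is a constructed stand-in for one semgrep result; only the rule ID
// matters for suppression.
type Finding struct {
	CheckID string
	Path    string
	Line    int
}

// highFPRules holds the rule IDs suppressed by default. Only the rule named in
// the MR is listed; the analyzer's real list is its own concern.
var highFPRules = map[string]bool{
	"eslint.detect-object-injection": true,
}

// trailingIndex matches a "-1", "-2", ... suffix such as the "-1" the MR
// reports on eslint.detect-object-injection after the eslint rules were pulled
// into sast-rules. Stripping it is safe here because the result is only
// compared against the suppression set, never written back into the report.
var trailingIndex = regexp.MustCompile(`-[0-9]+$`)

// BaseRuleID returns the rule ID without a trailing numeric index, so that
// "eslint.detect-object-injection-1" and "eslint.detect-object-injection"
// compare equal. IDs without such a suffix are returned unchanged.
func BaseRuleID(id string) string {
	return trailingIndex.ReplaceAllString(id, "")
}

// SuppressHighFP resolves the suppression switch. A nil setting means the
// option was not configured, and the default is true: this is the conditional
// the MR says should have defaulted to true rather than being removed.
func SuppressHighFP(configured *bool) bool {
	if configured == nil {
		return true
	}
	return *configured
}

// IsSuppressed reports whether a finding with this rule ID is dropped.
// An exact-match lookup would miss the "-1" variant; matching on the base ID
// catches both spellings.
func IsSuppressed(ruleID string, suppress bool) bool {
	return suppress && highFPRules[BaseRuleID(ruleID)]
}

// FilterFindings returns the findings that survive suppression, preserving order.
func FilterFindings(in []Finding, suppress bool) []Finding {
	out := make([]Finding, 0, len(in))
	for _, f := range in {
		if IsSuppressed(f.CheckID, suppress) {
			continue
		}
		out = append(out, f)
	}
	return out
}

// SampleFindings is constructed input: both spellings of the high-FP rule
// plus one unrelated (made-up) rule that must survive filtering.
var SampleFindings = []Finding{
	{CheckID: "eslint.detect-object-injection", Path: "src/a.ts", Line: 12},
	{CheckID: "eslint.detect-object-injection-1", Path: "src/b.ts", Line: 40},
	{CheckID: "example.unrelated-rule", Path: "src/c.ts", Line: 7},
}

func main() {
	// With the default (unconfigured) switch only the unrelated finding remains,
	// which is the "null" outcome the MR's second jq query shows for the
	// suppressed rule.
	kept := FilterFindings(SampleFindings, SuppressHighFP(nil))
	for _, f := range kept {
		fmt.Printf("%s %s:%d\n", f.CheckID, f.Path, f.Line)
	}
}
```

The point of normalising on the base ID rather than adding `-1` to the mapping is that any future re-indexing of the rule (`-2`, `-3`) is still caught; the MR itself goes further and removes the rule from the rule set entirely, which avoids depending on the serialized ID at all.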
