Security Row with SAST vuln count only + artifact downloads
This epic represents the next stage for https://gitlab.com/groups/gitlab-org/-/epics/4388, once https://gitlab.com/groups/gitlab-org/-/epics/4393 has been done.
| MVC iteration (https://gitlab.com/groups/gitlab-org/-/epics/4393) | This epic's goal |
| ------ | ------ |
|  | <br>Updated colorized state:  |
## Implementation plan
~backend
1. [Expose download paths to security report artifacts](https://gitlab.com/gitlab-org/gitlab/-/issues/251015)
1. [Move the `enabled_reports` field from EE to CE](https://gitlab.com/gitlab-org/gitlab/-/issues/273424) (draft implementation: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43716)
- This turned out to be trickier than it first appeared, since the Rails application still considers `sast` and `secret_detection` to be [EE Ultimate features](https://gitlab.com/gitlab-org/gitlab/blob/dd49c16a68a7ef29f82327ed5a7483e4d05444ee/ee/app/models/license.rb#L145-147)
~frontend
1. [Make the basic security MR widget available for Free users on `.com`, and Starter/Premium users on `.com`/self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/273205)
1. [Check all pipeline jobs for security artifacts in basic security MR widget](https://gitlab.com/gitlab-org/gitlab/-/issues/276440)
1. [Add dropdown for getting report artifacts](gitlab#249544), consuming GraphQL API implemented in https://gitlab.com/gitlab-org/gitlab/-/issues/251015
1. [Enable `mr_security_artifacts_downloads` feature flag by default](https://gitlab.com/gitlab-org/gitlab/-/issues/273413)
1. [Remove `mr_security_artifacts_downloads` feature flag](https://gitlab.com/gitlab-org/gitlab/-/issues/273418)
1. [Implement vulnerability counts](https://gitlab.com/gitlab-org/gitlab/-/issues/273423)
1. [Implement upgrade popover](https://gitlab.com/gitlab-org/gitlab/-/issues/273425)
1. [Consume `enabled_reports` from backend](https://gitlab.com/gitlab-org/gitlab/-/issues/273431) (blocked by https://gitlab.com/gitlab-org/gitlab/-/issues/273424)
### Release notes
[13.5 release post](https://about.gitlab.com/releases/2020/10/22/gitlab-13-5-released/#improved-merge-request-experience-for-security-scans)
13.6 release post https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/67957
epic