Use security_findings for security MR widget report comparison

Background context

We had an epic to move from using report artifices for vulnerability finding comparisons. That epic is complete, and the pertinent information is now available in the finding_data jsonb column on the security_findings table

This issue

The security MR widget is one feature that relied on the original technique of using report artifacts for comparisons. As such, it can now be migrated to using the new finding_data column.

The way this widget currently works is:

1. Builds a Ci::CompareSecurityReportsService comparer service to compare a report generated from the MR's latest pipeline to the report generated from the default branch
   1. This service uses Security::PipelineVulnerabilitiesFinder to build the reports for comparison (it is named a finder, but returns Security::AggregatedReport objects)
      1. This finder finds all the findings via report artifacts (the logic we want to migrate away from)
      2. Then sorts these findings by severity
      3. Then uses these findings to return a Security::AggregatedReport

Implementation Plan

• Extend widget polling until the `Security::Stor... (#457851 - closed) • Michael Becker • 17.7
• We can use Security::FindingsFinder to fetch the findings from the new database table
  1. This finder returns the findings, not a Security::AggregatedReport
  2. The value from this finder is paginated and scoped to 20 by default, we will need all the results to match the current behavior
  3. the existing behavior is scoped to all, which includes dismissed findings not an issue as Security::FindingsFinder also can take a scope: 'all' option
• Verify the Vulnerability creation from Security Reports docs are still accurate

Testing

• Make sure e2e:package-and-test is run in the MR and review results.

Verification steps

tbd