* Surface false positives in Vulnerability UI behind a feature flag

This commit fixes an issue that happened on the pipeline security tab.

It prevented a correct link from showing when a GitLab instance was
installed under a relative URL.

Changelog: fixed
EE: true
MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64565

This commit adds an alert which shows if a pipeline contains
invalid JSON data related to the generic security report schema.

Changelog: added
MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62971
EE: true

Changelog: fixed
EE: true

Add 'full_codequality_report' as a starter feature
Check feature availability when rendering the pipeline Code Quality tab
Add a test to check that it's not rendered when feature is not available

Update ee/app/assets/javascripts/vue_shared/security_reports/components/solution_card.vue, ee/spec/frontend/vue_shared/security_reports/components/modal_spec.js files

Add pipelineJobsPath

* Add Vuex Module, mutations, actions, mutation types
* Update presenter helper to retun TRUE if fuzzing job is run

Implement download button/dropdown for fuzzing artifacts

* Add mutations, actions, getters, state properties
* Add fuzzing download vue component
* Add conditional rendering logic

Run prettier and linter

Update translations and add unit tests

* Add unit tests for actions, getters, and mutations

Add fuzzing download vue component unit tests

* Add unit tests
* Fix up alignment when fuzzing is shown and hidden

Add chaneglog entry for fuzzing feature

* Add EE only change log

Tweak styling for mobile

* Restructure markup to be more mobile friendly

- Cleaned up the previous approach for showing security reports
summaries in pipelines details
- Implemented the new SecurityReportsSummary component to show security
report summaries above the Pipeline Security Dashboard
- Added/updated tests

- Created the :pipelines_security_report_summary feature flag
- Added GraphQL query for fetching security report summary
- Render filters with additional information
- Updated tests

We're dropping support in favour of license_scanning

Moved the existing endpoints under `/security` namespace and removed
the project namespace from vulnerability_export lookup endpoints as we
we are going to use the same for the instance level vulnerability
report exports.

Instead of pipeline.ref, which in the case of a merge request pipeline
refers to the merge request instead, leading to the wrong file URL

This adds to API ability to schedule CSV generation as background
job andd then download generated CSV file with Vulnerabilities.

Initialize vue app to display codequality report
Reuse components from codequality MR widget

Moved the illustrations URLs generation to the backend to prevent an
issue where the frontend helper would be unable to retrieve assets from
the CDN

This also removes the redundant head/base path handling, and cleans up
the display logic for the license report MR widget.

Part of [Remove parsed_license_report flag from front end code][1].

[1]: https://gitlab.com/gitlab-org/gitlab/issues/37271

- Moves the pipeline dashboard into it's own component
- Passes a source_branch to that component
- Adds the nessesary VueX to attach that source branch to the
`createMergeRequest` action

With our completed migration of Security reports from the Frontend to
the Backend https://gitlab.com/groups/gitlab-org/-/epics/1425, we now
can delete the outdated pipelines security report.

The /api/v4/project/:id/vulnerabilities is going
to be used for serving the new Vulnerability model
instances for First-class Vulnerabilities feature.
The previous behavior (responding with
Vulnerabilities::Occurrence) is moved to
/api/v4/project/:id/vulnerability_findings path
unconditionally (regardless of the feature flag).
This is a breaking change.

- Replaced hide_dismissed param with scope in XHR requests
- Set scope param's default value to dismissed in pipeline dashboard
- Updated tests

This is part of porting the Security Dashboard to the pipeline view[1].

[1]: https://gitlab.com/gitlab-org/gitlab-ee/issues/13496

This [replaces][1] the Split Security Reports app with the Security
Dashboard in the pipelines view. This is part of a larger effort to
[move security reports logic to the backend][2].

This is behind the `pipeline_report_api` feature flag, which is
currently disabled by default.

A few other related changes were made:

- Old references to "timeline" were replaced with "history" in specs
- DRY in some specs regarding state initialisation
- Make the history and count endpoint props optional on the dashboard
  component, which, if missing/empty, disable the display of the counts
  and charts components
- Fixes a rendering discrepancy in the vulnerability modal, which was
  displaying a `File: undefined` row

[1]: https://gitlab.com/gitlab-org/gitlab-ee/issues/13496
[2]: https://gitlab.com/groups/gitlab-org/-/epics/1425

This end point will be exposed in haml
End point exposed in mr controller

Related to https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5566

Split into separate, fine grained permissions

- Updates merge_request_url to merge_request_path after a backend change
- Adds target_branch to merge request creation request
- Adds sourceBranch to the security reports so we know what to target