Remove join with Vulnerability model

ee/app/finders/security/pipeline_vulnerabilities_finder.rb

@@ -59,9 +59,8 @@ module Security
     def vulnerabilities_by_finding_fingerprint(report_type, report)
       Vulnerabilities::Finding
         .by_project_fingerprints(report.findings.map(&:project_fingerprint))
-        .where(
-          project: pipeline.project,
-          report_type: report_type)
+        .by_projects(pipeline.project)
+        .by_report_types(report_type)
         .select(:vulnerability_id, :project_fingerprint)
        .each_with_object({}) do |finding, hash|
         hash[finding.project_fingerprint] = finding.vulnerability_id

ee/spec/finders/security/pipeline_vulnerabilities_finder_spec.rb

@@ -97,13 +97,13 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
             project_fingerprint: report_finding.project_fingerprint)
         end
 
-        # there's something being cached... need to run this once to get rid of that
+        # Need to warm the cache
         described_class.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning] }).execute
 
-        expect {
-          described_class.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning] }).execute
-        }.to issue_same_number_of_queries_as {
+        expect do
           described_class.new(pipeline: pipeline, params: { report_type: %w[sast] }).execute
+        end.to issue_same_number_of_queries_as {
+          described_class.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning] }).execute
         }
       end
     end