feat: update review parsing and serialization

[csmig]

Resolves #20
Resolves #18
Resolves #11
Resolves #10

• Minimum STIG Manager API version is updated from 1.1.0 => 1.2.7

• Adds support for the resultEngine property of Review

• The serializers now attempt to fetch configuration options from Collection.metadata.importOptions. If this metadata property is absent, a default configuration object which mimics previous serialization behavior is used. Support for configuring custom options will be considered in future PRs. See the STIG Manager API definition for property descriptions.

 const defaultImportOptions = {
  autoStatus: 'saved',
  unreviewed: 'commented',
  unreviewedCommented: 'informational',
  emptyDetail: 'replace',
  emptyComment: 'ignore',
  allowCustom: false
}

• The serializers now reference Collection field and status settings when calculating whether an autoStatus setting can be honored.

• Watcher now requests scope stig-manager:user:read from the OIDC Provider. If Watcher's token does not include this scope, Watcher is unable to honor the Collection property metadata.importOptions.autoStatus = 'accepted' (See below).

• The serializers will optionally reference Collection Grant settings in order to calculate whether an autoStatus = "accepted" setting can be honored. Watcher now attempts to call API endpoint /user to learn the Watcher userId. If Watcher is denied access to this endpoint (most likely because Watcher's token is missing scope stig-manager:user:read) it will not attempt to set accepted status on any Reviews.

• To avoid Collection settings and metadata from becoming excessively stale, Watcher now makes calls to /collection/{collectionId} and /user at ten minute intervals. Support for configuring this interval will be considered in future PRs, as will alternative approaches to polling.