Fix advisory inheritance and overrides

[adobes1]

Fixes the following:

1. Previously, when retrieving advisory IDs of a release which had advisories! defined, art-dash would use the advisories defined in the basis version (it would also not retrieve the corresponding jira ticket)
2. When merging current_advisories and basis_advisories (or basis_override_advisories), art-dash would layer basis_advisories (or basis_override_advisories) over current_advisories. Now it is the opposite.

Also temporarily replace ./install.sh in the Dockerfiles with pip3 install -e artcommon/ -e doozer/ -e elliott/ -e pyartcd/ because ./install.sh is now using uv package manager and so far I couldn't get it to work inside the Dockerfiles. This is now fixed

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ashwindasr for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[joepvd]

Let's try and get uv installation to work :)

/hold

[adobes1]

I switched back to using install.sh in the Dockerfiles, uv virtual environment should now correctly.

[ashwindasr]

Did you try this?

[ashwindasr]

Suggested change

	#Setup uv package manager
	RUN curl -LsSf https://astral.sh/uv/install.sh | env UV_INSTALL_DIR="/home/$USERNAME/.local" sh \
	&& uv venv --python 3.11 ../.venv
	# Setup uv package manager
	RUN pip3 install uv && uv venv --python 3.11

[adobes1]

When installing uv with pip, uv self update is disabled and it has to be updated with pip. I wanted to avoid having to update pip just so we can us it to update uv but not really sure if my thinking there is correct. What do you think?

As for installing the virtual environment in workspaces/.venv instead of workspaces/art-dash/.venv - I did it this way because in the art-dashboard-server README, the recommended podman run ... command also includes
-v "$OPENSHIFT/art-dashboard-server":/workspaces/art-dash:cached which causes the users art-dashboard-server to be mounted over our workspaces/art-dash/ - and with it, the .venv we setup while building the container as well (it wouldn't be accessible)

[joepvd]

Updating inside a container is not so much of a concern. Just rebuild the image and get the newest.