[Security Solution] Implement rule type diff algorithm

[xcrzx]

Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168
Related to: #180395

Summary

Implement an algorithm for diffing the type field of detection rules. Requirements:

• The algorithm should always return the target version as the merged one.
• Any change to the rule type (i.e. current version != target version) should yield an unsolvable conflict.
• In the upgrade/_review API response such rules should be marked as having unsolvable conflicts.
• Users should not be able to upgrade the type to any version other than the target. This should be implemented under the hood in the upgrade/_perform endpoint in [Security Solution] Extend the POST /upgrade/_perform API endpoint's contract and functionality #166376. The type field shouldn't be part of upgradeable fields that can be passed in the request body -- FYI @jpdjere

Context from the Rule Customization RFC:

• Concrete field diff algorithms by type

To do

• Step 1 (separate PR)
  • Implement the algorithm and cover it with unit tests ([Security Solution] Rule type field diff algorithm #193369)
• Step 2 (separate PR)
  • Apply the algorithm to the type field. It will become used in the upgrade/_review endpoint.
  • Write a test plan covering rule upgrade scenarios for rule type updates.
    • [Security Solution] Test plan for rule type field diff algorithm #193372
  • Add test coverage according to the test plan.
    • [Security Solution] Integration tests for rule type field diff algorithms #193375

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)