
@airadier
Collaborator

This PR fixes an issue where packages in the "Package vulnerabilities per layer" summary table were not being correctly sorted by vulnerability severity. Previously, the sorting logic was inconsistent or incorrect; now, packages are strictly ordered by:

  1. Number of Critical vulnerabilities (descending).
  2. Number of High vulnerabilities (descending).
  3. Number of Medium vulnerabilities (descending).
  4. (And so on for lower severities).

Changes:

  • Refactor: Extracted the package sorting logic into a dedicated domain service src/domain/services/sorting.ts.
  • Refactor: Decoupled SummaryReportPresenter from the global @actions/core summary object by introducing an ISummary interface (though currently we still default to core.summary in production code, this structure allows for easier testing).
  • Testing: Added comprehensive unit tests for the new sorting service in tests/domain/services/sorting.test.ts.
  • Testing: Added an integration-style test in tests/infrastructure/github/SummaryReportPresenter.test.ts that generates a report using the real core.summary and validates the HTML output to ensure packages appear in the correct order.

Fixes:

  • Ensures that the most critical packages appear at the top of the summary report tables, improving visibility of high-risk items.

@airadier airadier requested a review from a team as a code owner November 27, 2025 12:47
@airadier airadier enabled auto-merge (squash) November 27, 2025 12:50
@airadier airadier disabled auto-merge November 27, 2025 12:50
@airadier airadier enabled auto-merge (squash) November 27, 2025 12:51
@airadier airadier merged commit 90e7e27 into master Nov 27, 2025
10 checks passed
@airadier airadier deleted the fix-package-sort-in-summary branch November 27, 2025 13:07
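
The ordering rule from the PR description, as an added TypeScript example; it is not the project's code from src/domain/services/sorting.ts. The type and function names, the "low" and "negligible" severity names, the name tie-break and the sample packages are all assumptions made for illustration.

```typescript
// Added example: names and data shapes are assumptions, not the project's code.
// Most to least severe. "low" and "negligible" are assumed names for the
// "lower severities" the PR description mentions.
const SEVERITY_ORDER = ["critical", "high", "medium", "low", "negligible"] as const;
type Severity = (typeof SEVERITY_ORDER)[number];

interface PackageFinding {
  name: string;
  vulnerabilities: Severity[]; // one entry per vulnerability in the package
}

// Per-severity counts, positioned to match SEVERITY_ORDER.
function severityCounts(pkg: PackageFinding): number[] {
  return SEVERITY_ORDER.map(
    (sev) => pkg.vulnerabilities.filter((v) => v === sev).length,
  );
}

// Lexicographic, descending comparison of the count vectors: a lower severity
// is consulted only when every higher severity ties.
function compareBySeverity(a: PackageFinding, b: PackageFinding): number {
  const ca = severityCounts(a);
  const cb = severityCounts(b);
  for (let i = 0; i < SEVERITY_ORDER.length; i++) {
    const diff = (cb[i] ?? 0) - (ca[i] ?? 0);
    if (diff !== 0) return diff;
  }
  // Assumed tie-break so equal packages render in a deterministic order.
  return a.name < b.name ? -1 : a.name > b.name ? 1 : 0;
}

// Returns a sorted copy; the caller's array is left untouched.
function sortPackages(pkgs: readonly PackageFinding[]): PackageFinding[] {
  return [...pkgs].sort(compareBySeverity);
}

// Constructed sample data (not real scan output).
const SAMPLE_PACKAGES: PackageFinding[] = [
  { name: "curl", vulnerabilities: ["medium", "medium", "medium", "medium", "medium", "medium"] },
  { name: "openssl", vulnerabilities: ["high", "high", "high", "medium"] },
  { name: "zlib", vulnerabilities: ["critical"] },
  { name: "busybox", vulnerabilities: ["high", "high", "high", "low", "low", "low", "low"] },
  { name: "libxml2", vulnerabilities: ["critical", "medium"] },
];

console.log(sortPackages(SAMPLE_PACKAGES).map((p) => p.name).join(", "));
```

In the sample, a package with a single Critical sorts above one with seven lower-severity findings, which is the property that keeps the highest-risk rows at the top of the table regardless of total count.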

3 participants