Provide guidance on "perceived severity".

Four SARIF result properties interact to determine

1. Whether a viewer should display the result by default, and
2. With what "severity" a viewer should present the result.

Those properties are level, kind, baselineState, and suppressions. The default visibility also depends on the scenario. For example, in a CI scenario, only results with baselineState: "new" should be displayed by default, while in other scenarios, the "unchaged" results should also be displayed by default.

Add an Appendix providing rules for a uniform viewer experience based on these factors.

@michaelcfanning FYI

Additional raw notes from conversation with @michaelcfanning:

Error: blocks, visible by default
Warning: does not block, visible by default
Informational: does not block, not visible by default

Non-failure: Document these kind values as specified in microsoft/sarif-visualstudio-extension#199.

Suppressed: invisible -- but what if you have multiple suppressions? How does suppression state play into it. (I've given guidance on that in the past; dig that up and incorporate here.)

BaselineState
Absent: invisible by default
Unchanged: invisible by default in CI scenarios

Depends on "incrementality".