[feature] Implement collector for ClearlyDefined

[funnelfiasco]

Implementing a portion of #1014, let's implement a GUAC collector for license data from ClearlyDefined as described in https://docs.google.com/document/d/1NmLlU5wuP2X9CK7QCWZkkOciNn1QFLKQCFCW9CEI8HQ/edit#heading=h.q8v64s9nqno

This will allow GUAC users to include license-related information, which can be helpful for spotting compliance risks.

[nickvidal]

Thanks @funnelfiasco, I'll be sharing this initiative with the ClearlyDefined community!

[pxp928]

I have started work on this issue. Thanks to @nickvidal and the community for providing guidance on how to map between purl and coordinates used by clearlyDefined.

Examples below illustrate coordinates for each of the following purl type supported.  In general, the following holds true:
purl Type = type coordinate
purl namespace = namespace coordinate
purl name = name coordinate
purl version = revision coordinate

There are some exceptions however, which are provided in the notes below.  

cocoapods https://cdn.cocoapods.org/.
-> pod (coordinate)
e.g. pod/cocoapods/-/SoftButton/0.1.0
	
cargo https://crates.io/.
-> crate (coordinate)
e.g. crate/cratesio/-/bitflags/1.0.4

composer https://packagist.org.
-> composer (coordinate)
e.g. composer/packagist/symfony/polyfill-mbstring/1.11.0

conda https://repo.anaconda.com.
-> conda (coordinate)
e.g. conda/conda-forge/linux-aarch64/numpy/1.16.6-py36hdc1b780_0
notes:
channel -> provider coordinate
	3 providers: anaconda-main, anaconda-r, conda-forge
subdir -> namespace coordinate
version-build -> revision coordinate
e.g.
pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2
-> conda/anaconda-main/linux-64/absl-py0.4.1-py36h06a4308_0

deb
-> deb (coordinate)
e.g. deb/debian/-/mini-httpd/1.30-0.2_arm64
notes:
1.
version_architecture -> revision coordinate
2.
source package:
debsrc/debian/-/mini-httpd/1.30-0.2


gem https://rubygems.org.
-> gem (coordinate)
e.g. gem/rubygems/-/sorbet/0.5.11226

github https://github.com.
-> git/github (coordinate type/provider)
e.g. git/github/ratatui-org/ratatui/bcf43688ec4a13825307aef88f3cdcd007b32641

golang for Go packages:
-> go (coordinate)
e.g. go/golang/rsc.io/quote/v1.3.0
name is url encoded.

maven https://repo.maven.apache.org/maven2.
-> maven (coordinate)
three providers: mavencentral, mavengoogle and gradleplugin
e.g. 
maven/mavencentral/org.apache.httpcomponents/httpcore/4.3
maven/mavengoogle/android.arch.lifecycle/common/1.0.1
maven/gradleplugin/io.github.lognet/grpc-spring-boot-starter-gradle-plugin/4.6.0
note:
source component:
sourcearchive/mavencentral/org.apache.httpcomponents/httpcore/4.3

npm 
-> npm (coordinate)
e.g. npm/npmjs/-/redis/0.1.0
namespace is used for scope

nuget: https://www.nuget.org.
-> nuget (coordinate)
e.g. nuget/nuget/-/xunit.core/2.4.1

pypi https://pypi.org
-> pypi (coordinate)
e.g. pypi/pypi/-/backports.ssl_match_hostname/3.7.0.1

[nickvidal]

Thank you @pxp928 and @qtomlinson!

[qtomlinson]

e.g.
pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2
-> conda/anaconda-main/linux-64/absl-py0.4.1-py36h06a4308_0

correction:
-> conda/anaconda-main/linux-64/absl-py/0.4.1-py36h06a4308_0

[nickvidal]

I've published the coordinates and purl type mapping to our documentation:

https://docs.clearlydefined.io/docs/resources/coordinates