Searching for hasSBOMs via Artifacts in Vuln cli

[nathannaveen]

Description of the PR

• This adds a search for hasSBOM nodes via Artifact nodes in the vulnerability cli.
• Fixes Attach HasSboms to Artifacts instead of Packages when possible #1736.
  • Note that this only addresses the first part: "update the Vuln CLI to take in hash to search for hasSBOM”.
  • The second part: “Update the patch planning CLI to use hasSBOM dependencies and not direct isDependency when calculating patch plan”. Can’t be done because patch planning is meant to find dependents, and hasSBOM nodes don’t search via dependents, only via dependencies.

PR Checklist

• All commits have a Developer Certificate of Origin (DCO) -- they are generated using -s flag to git commit.
• All new changes are covered by tests
• If GraphQL schema is changed, make generate has been run
• If GraphQL schema is changed, GraphQL client updates/additions have been made
• If OpenAPI spec is changed, make generate has been run
• If collectsub protobuf has been changed, make proto has been run
• All CI checks are passing (tests and formatting)
• All dependent PRs have already been merged

[lumjjb]

minor nits