
Migrate SPDX-JSON relationships to SBOM model #634

Merged
wagoodman merged 14 commits into main from migrate-spdx-json-to-new-relationships
Nov 23, 2021

Conversation

@wagoodman
Contributor

@wagoodman wagoodman commented Nov 17, 2021

This is a follow up to #607 and #623
Closes #556

Changes made:

  • Removes the creation of relationships in the spdx22json format encoder and moves file-ownership relationship creation back to the main Catalog function.
  • Adds a new sbom.AllCoordinates that returns a slice of all coordinates referenced throughout all SBOM artifacts and relationships. This is needed to guarantee inclusion of all referenced files as nodes in the SBOM.
  • The power-user JSON document data structure has been replaced with the syftjson format model and the poweruser.Presenter has been deleted (as well as the remainder of internal/presenters 🎉 🌮 )
  • Combines file classifications, metadata, and contents fields for a location into a single entry. For this reason the fileMetadata, fileClassifications, and fileContents power-user JSON fields have been removed and replaced with a single files section. This requires bumping the JSON schema version from 1 to 2.
  • Adds the application configuration to the packages output (for syftjson format). This now matches the behavior of power-user.

Notes:

Questions:

  • a future PR could implement syft1json and syft2json formats for backwards compatibility, though this is not planned at this time. Should we do this before bumping to schema version 2?
  • What should we do in cases where a package manager claims ownership of a file that does not exist (relative to the source.FileResolver)? Should we log and continue (what is implemented now)? Or make note of this in the SBOM?
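The two design points in the description above, collecting every file coordinate referenced anywhere in the SBOM so that each one becomes a node in the encoded document, and skipping package-manager file claims that the file resolver cannot find (log and continue), as an added Go example. This is not code from the pull request or from syft: the Coordinates, FileRecord, Package, Relationship, SBOM and FileResolver types, the "contains" relationship type string, the mapResolver stand-in and the sample paths are simplified constructions for this example only.

```go
package main

import (
	"fmt"
	"sort"
)

// Coordinates identifies one file location within the scanned source.
// Simplified model written for this example; not syft's own type.
type Coordinates struct {
	RealPath     string
	FileSystemID string
}

// FileRecord merges the metadata, classification and contents views of a
// single location into one entry, mirroring the "single files section" idea.
type FileRecord struct {
	MIMEType        string
	Classifications []string
	Contents        string
}

// Package is a minimal package record. ClaimedFiles is what the package
// manager says it installed, before the paths are checked against the source.
type Package struct {
	ID           string
	Name         string
	ClaimedFiles []Coordinates
}

// Relationship links two nodes. A node is either a package ID (string) or a
// Coordinates value, so file nodes can be discovered by type assertion.
type Relationship struct {
	From interface{}
	To   interface{}
	Type string
}

// SBOM holds packages, one merged record per file location, and relationships.
type SBOM struct {
	Packages      []Package
	Files         map[Coordinates]FileRecord
	Relationships []Relationship
}

// FileResolver reports whether a path exists in the source (assumed interface,
// a stand-in for a real resolver).
type FileResolver interface {
	HasPath(path string) bool
}

type mapResolver map[string]bool

func (m mapResolver) HasPath(p string) bool { return m[p] }

// OwnershipRelationships turns each verified package->file claim into a
// "contains" relationship. Claims the resolver cannot find are skipped and
// returned separately so the caller can log them (the "log and continue" path).
func OwnershipRelationships(pkgs []Package, r FileResolver) (rels []Relationship, missing []Coordinates) {
	for _, p := range pkgs {
		for _, c := range p.ClaimedFiles {
			if !r.HasPath(c.RealPath) {
				missing = append(missing, c)
				continue
			}
			rels = append(rels, Relationship{From: p.ID, To: c, Type: "contains"})
		}
	}
	return rels, missing
}

// AllCoordinates returns every file location the SBOM references, whether it
// has its own Files entry or is only an endpoint of some relationship. The
// result is deduplicated and sorted so an encoder emits nodes deterministically.
func AllCoordinates(s SBOM) []Coordinates {
	seen := map[Coordinates]struct{}{}
	for c := range s.Files {
		seen[c] = struct{}{}
	}
	for _, r := range s.Relationships {
		for _, end := range []interface{}{r.From, r.To} {
			if c, ok := end.(Coordinates); ok {
				seen[c] = struct{}{}
			}
		}
	}
	out := make([]Coordinates, 0, len(seen))
	for c := range seen {
		out = append(out, c)
	}
	sort.Slice(out, func(i, j int) bool {
		if out[i].RealPath != out[j].RealPath {
			return out[i].RealPath < out[j].RealPath
		}
		return out[i].FileSystemID < out[j].FileSystemID
	})
	return out
}

// SampleSBOM builds a constructed SBOM: one package whose manager claims three
// files, of which the README is absent from the source, plus a file record for
// a binary no package claims. It returns the SBOM and the skipped claims.
func SampleSBOM() (SBOM, []Coordinates) {
	fs := "sha256:layer0" // constructed filesystem ID
	lib := Coordinates{"/usr/lib/libfoo.so", fs}
	conf := Coordinates{"/etc/foo.conf", fs}
	readme := Coordinates{"/usr/share/doc/foo/README", fs}
	bar := Coordinates{"/usr/bin/bar", fs}
	pkgs := []Package{{ID: "pkg-a", Name: "libfoo", ClaimedFiles: []Coordinates{lib, conf, readme}}}
	resolver := mapResolver{lib.RealPath: true, conf.RealPath: true, bar.RealPath: true}
	rels, missing := OwnershipRelationships(pkgs, resolver)
	files := map[Coordinates]FileRecord{
		lib: {MIMEType: "application/x-sharedlib", Classifications: []string{"library"}},
		bar: {MIMEType: "application/x-executable"},
	}
	return SBOM{Packages: pkgs, Files: files, Relationships: rels}, missing
}

func main() {
	s, missing := SampleSBOM()
	for _, c := range missing {
		fmt.Printf("warning: package claims missing file %s (skipped)\n", c.RealPath)
	}
	for _, c := range AllCoordinates(s) {
		_, hasRecord := s.Files[c]
		fmt.Printf("node %s (own file record: %v)\n", c.RealPath, hasRecord)
	}
}
```

In the sample, /etc/foo.conf has no entry in Files but still comes out of AllCoordinates because the "contains" relationship points at it; an encoder that only walked Files would emit a relationship to a node that does not exist. The README claim never reaches the relationship list because the resolver does not know the path, and it is reported to the caller instead of silently dropped.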


Development

Successfully merging this pull request may close these issues.

Prefer artifact relationships over package relationships

2 participants