SBOM: fix issue with unresolved artifacts and empty "components"

[rudsberg]

This PR fixes two issues:

• If an artifact cannot be resolved via the RepositorySystem it can throw an ArtifactResolutionException, causing the SBOM generation to fail. This can happen for an artifact that cannot be located locally or on maven central. An example of such an artifact: com.example:demo:jar:sources:0.0.1-SNAPSHOT. The fix is catch the ArtifactResolutionException and return Optional.empty() from resolvePackageNamesFromArtifact. Such components will not be pruned by Native Image and will be included under components.
• The SBOM for a simple app with no dependencies will only contain the application component and it will be listed under metadata/component and the components list will be empty. Previously we incorrectly threw an exception for such cases. The fix is to simply return from the augmentSBOM method instead of throwing the exception.

I also added a fallback mechanism: if the SBOMGenerator for some reason fails for users that didn't explicitly opt-in to using an augmentedSBOM, we absorb the failure and proceed with a non-augmented SBOM.

[dnestoro]

@rudsberg please wait for @melix approval as well before merging

[melix]

@dnestoro can we merge again? If so we should think of a better way to handle releases, because I also have pending PRs for weeks, and having to come back and rebase everything is not fun.