feat: Use lockfile scalibr interface #1330

Draft: wants to merge 114 commits into base: main

Conversation

another-rex (Collaborator) commented Oct 18, 2024

This PR contains all the code required to move to osv-scalibr while making the existing code compile and pass all tests (container tests not passing because of a bug in the scalibr alpine extractor).

Changes not mentioned in the following list will be split off in separate PRs which should land before this PR.

Changes in this PR:

  • Fixture changes:
    • The Scalibr Python requirements.txt extractor currently doesn't support packages without versions, so version strings were added to the test files
  • Image package required quite a bit of reworking to successfully update.
    • Add the ability to iterate through a directory via the trie
      • This requires vendoring in the trie library
    • Support scalibr FS interface for Layers
    • Add conversion code to convert inventories from osv-scalibr back to v1's lockfile and Inventory
      • This is done to minimize snapshot changes. Followup PRs should remove this conversion
  • Add internal/lockfilescalibr package:
    • errors.go adds common extraction errors we want to translate.
    • translation.go adds helper functions and translation logic between osv-scanner v1 extractor names and osv-scalibr extractor names.

Changes in followup PRs:

  • Delete lockfiles package and migrate everything to use osv-scalibr extractors
  • Remove conversion code in image
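The fixture note above (unpinned requirements had to be given versions because the scalibr extractor does not yet handle them) is the kind of edge case a lockfile extractor has to decide on explicitly. The following is an added, stand-alone example written for this page, not code from osv-scanner or osv-scalibr: a minimal requirements.txt extractor in Go that keeps unpinned packages with an empty version rather than dropping them, so a scanner can report them instead of silently losing coverage. The `Package` struct, the `ParseRequirements`, `normalize` and `Unpinned` functions, and the `sampleRequirements` fixture are all assumptions made up here; the fixture is constructed, not taken from the repository.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Package is a minimal inventory record, mirroring the shape a lockfile
// extractor produces: a name, an optional version, and the ecosystem.
// (Hypothetical type for this example, not a scalibr or osv-scanner type.)
type Package struct {
	Name      string
	Version   string // empty when the requirement line carries no exact pin
	Ecosystem string
}

// ParseRequirements walks a requirements.txt body line by line. It strips
// comments, blank lines and pip options (-r, -e, --index-url), drops extras
// and environment markers, records "==" pins, and keeps unpinned or
// range-constrained requirements with an empty Version instead of skipping
// them. URL requirements ("pkg @ https://...") are out of scope here.
func ParseRequirements(body string) []Package {
	var out []Package
	sc := bufio.NewScanner(strings.NewReader(body))
	for sc.Scan() {
		line := sc.Text()
		if i := strings.Index(line, "#"); i >= 0 {
			line = line[:i] // strip trailing comment
		}
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "-") {
			continue // blank line or pip option
		}
		if i := strings.Index(line, ";"); i >= 0 {
			line = strings.TrimSpace(line[:i]) // drop environment marker
		}
		name, rest := line, ""
		if i := strings.IndexAny(line, "=<>!~"); i >= 0 {
			name, rest = strings.TrimSpace(line[:i]), line[i:]
		}
		if i := strings.Index(name, "["); i >= 0 {
			name = name[:i] // drop extras such as "[async]"
		}
		version := ""
		if strings.HasPrefix(rest, "==") {
			version = strings.TrimSpace(strings.TrimPrefix(rest, "=="))
			if j := strings.Index(version, ","); j >= 0 {
				version = strings.TrimSpace(version[:j]) // "==1.0,<2.0" keeps only the pin
			}
		}
		out = append(out, Package{Name: normalize(name), Version: version, Ecosystem: "PyPI"})
	}
	return out
}

// normalize applies PEP 503 name normalisation: lowercase, and runs of
// '-', '_' and '.' collapse to a single '-'.
func normalize(name string) string {
	var b strings.Builder
	prevSep := false
	for _, r := range strings.ToLower(name) {
		if r == '-' || r == '_' || r == '.' {
			if !prevSep {
				b.WriteByte('-')
			}
			prevSep = true
			continue
		}
		prevSep = false
		b.WriteRune(r)
	}
	return b.String()
}

// Unpinned returns the names of packages without an exact version, so a
// scanner can warn about them rather than matching nothing.
func Unpinned(pkgs []Package) []string {
	var names []string
	for _, p := range pkgs {
		if p.Version == "" {
			names = append(names, p.Name)
		}
	}
	return names
}

// sampleRequirements is a constructed fixture for this example.
const sampleRequirements = `# constructed sample
requests==2.31.0
Flask[async]==3.0.0 ; python_version >= "3.8"
django>=4.2
PyYAML
-r other.txt
`

func main() {
	pkgs := ParseRequirements(sampleRequirements)
	for _, p := range pkgs {
		fmt.Printf("%-10s %q\n", p.Name, p.Version)
	}
	fmt.Println("unpinned:", Unpinned(pkgs))
}
```

The design choice to surface is the one the PR description touches on: an extractor that silently discards a requirement it cannot pin produces a smaller inventory than the file actually describes, and the scanner's output then looks clean for packages it never examined. Keeping the record with an empty version makes that gap visible to whatever consumes the inventory.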
