Initial implementation of cargo-sbom detector

[arlosi]

Adds a new detector that uses Cargo's new SBOM format to more accurately get the dependency graph for Rust projects.

[codecov]

Codecov Report

Attention: Patch coverage is 93.80531% with 21 lines in your changes missing coverage. Please review.

Project coverage is 89.7%. Comparing base (a82a9aa) to head (fa298bf).
Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
...ponentDetection.Detectors/rust/RustSbomDetector.cs	78.2%	14 Missing and 3 partials ⚠️
...entDetection.Detectors/rust/Contracts/CargoSbom.cs	88.2%	3 Missing and 1 partial ⚠️

Additional details and impacted files

@@          Coverage Diff           @@
##            main   #1387    +/-   ##
======================================
  Coverage   89.7%   89.7%            
======================================
  Files        402     407     +5     
  Lines      31930   32269   +339     
  Branches    1977    1986     +9     
======================================
+ Hits       28648   28967   +319     
- Misses      2863    2879    +16     
- Partials     419     423     +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

👋 Hi! It looks like you modified some files in the Detectors folder.
You may need to bump the detector versions if any of the following scenarios apply:

• The detector detects more or fewer components than before
• The detector generates different parent/child graph relationships than before
• The detector generates different devDependencies values than before

If none of the above scenarios apply, feel free to ignore this comment 🙂