Draft: Support multiple purl identifiers in product_identification_helper

[mprpic]

This allows a vendor to specify multiple purl identifiers for a single component (present as a product version branch in the product tree). Multiple purls may identify the same component but point to different locations from where that component may be available. Thus, it is mandatory that if multiple purls are present in a single
product_identification_helper object, they must only differ in their qualifiers. Otherwise they should be set up as different product tree branches.

Resolves #774

[mprpic]

I'm unsure how to modify the examples to get the final text to build. When I run the make command, I get:

$ make build
bin/volatile.py
detected local reference for acknowledgments-type-example-eg-1 in (The example [eg](#acknowledgments-type-example-eg-1) above SHOULD lead to the following outcome in a human-readable advisory:)
The example \[[1](#acknowledgments-type-example-eg-1)\] above SHOULD lead to the following outcome in a human-readable advisory:
Traceback (most recent call last):
  File "/[...]/csaf/csaf_2.1/prose/edit/bin/volatile.py", line 575, in <module>
    sys.exit(main(sys.argv[1:]))
             ^^^^^^^^^^^^^^^^^^
  File "/[...]/csaf/csaf_2.1/prose/edit/bin/volatile.py", line 461, in main
    global_example_num = eg_global_from[magic_label]
                         ~~~~~~~~~~~~~~^^^^^^^^^^^^^
KeyError: 'purl-eg-2'
make: *** [Makefile:4: build] Error 1

[tschmidtb51]

We should do that in a separate commit to keep the feature changes separate from the editorial ones.

[tschmidtb51]

@mprpic Thank you for the Draft. I didn't had time yet to do a complete review but here are some quick comments:

• The qualifier test should be a separate one. Also, we need to add
  • valid examples
  • invalid examples
• The guidance on size needs to be adapted.
• The editorial change should be separate from the feature change (thanks for catching it).
• Rebase after Editor revision for TC meeting 2024-08-28 #784 is merged.