[feature] Add ability to fetch info related to a purl and similar identifiers in the REST api as well as aggregations on subsets of the identifiers

[mlieberman85]

GUAC with graphql is currently great at handling complicated use cases like when you want to compare multiple artifacts or run complex queries. However, it's a bit of overkill when someone wants to just fetch information on a specific identifier or wants to get aggregates or lists.

I want the REST API to be able to have routes that look like

https:://guac_rest/v1/purl/pkg:{type}/{namespace}/{name}{@optional version}?{optional params}

so you end up with stuff like:

https://guac_rest/v1/purl/pkg:golang/github.com/mlieberman85/skoot-cache-3@v0.0.1

and that should return data related to that package. I can then see also having stuff after like:

https://guac_rest/v1/purl/pkg:golang/github.com/mlieberman85/skoot-cache-3@v0.0.1/vulns

to just return list of vulnerabilities or something like that. Also having subsets would also be nice for both aggregates and lists e.g.

https://guac_rest/v1/purl/pkg:golang/github.com/mlieberman85

would return me a list of purls like:

[
"pkg:golang/github.com/mlieberman85/skoot-cache-3@v0.0.1",
"pkg:goland/github.com/mlieberman85/skoot-test-1@v0.0.2",
...
]

Purl is just one example of an endpoint, i.e. purl, but I can see also a bunch of others as well like sbom, vuln, etc. This is inspired by some of the work the OMNIbor folks have been doing.