Document/formalise use of Parlay as a library

[garethr]

While Parlay can be used as a CLI tool, it should also be possible to use it as a library. This isn't formalised at all yet however, or documented. This could be used in tools that build SBOMs to automatically enrich them at creation.

[mcombuechen]

Some thoughts on this

Change repo structure

Rename lib directory to pkg. This is opinionated and based on https://github.com/golang-standards/project-layout#pkg, just a suggestion.

Change API to handle primitives

As an example, ecosystems.GetPackageData currently receives a packageurl.PackageURL, which immediately forces consumers to add the packageurl lib to their projects. A string as input would probably be more convenient.

Return errors

Errors are currently mostly being swallowed, making it hard for consumers to understand when and why something unforeseen happened, and to react accordingly. An example would be the EnrichSBOM functions, which currently have no effect if an API call fails; but they also don’t notify of such failure.