LLNL / Surfactant

Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
MIT License

Merge throws an error with CycloneDX #243

Open gliese1337 opened 2 months ago

gliese1337 commented 2 months ago

Describe the bug When trying to merge input SBOMs in CycloneDX format, the surfactant CLI produces an error message and no output.

To Reproduce Steps to reproduce the behavior:

  1. run surfactant merge --input_format cyclonedx --output_format cyclonedx sbom1.json sbom2.json
  2. Observe error:
    2024-08-19 14:30:21.305 | WARNING  | surfactant.infoextractors.docker_image:is_docker_scout_installed:21 - Install Docker Scout to scan containers for additional information
    2024-08-19 14:30:21.458 | ERROR    | surfactant.plugin.manager:find_io_plugin:100 - No "read_sbom" plugin for format "cyclonedx" found

Expected behavior The input SBOMs should be merged and an output SBOM produced.

System Information (please complete the following information):

Additional context One of the inputs was generated with surfactant, the other with npm-sbom.

nightlark commented 2 months ago

Reading input SBOMs in CycloneDX (and SPDX eventually) formats is being implemented in PR https://github.com/LLNL/Surfactant/pull/221 if you want to try it out and provide feedback. From discussion with @mws180000 and others, there are some lossy aspects to conversion between formats (including to the internal representation that is used as an intermediate format by the merge feature).
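To make the "lossy conversion" point concrete, the following is an added example (not Surfactant's code, and not the reader implemented in PR 221) that round-trips two constructed CycloneDX documents through a deliberately small, hypothetical intermediate representation, merges them, and reports which component fields the intermediate format could not carry. The field set `KEPT`, the `DEPENDS_ON` relationship label and the two sample SBOMs are all assumptions made for illustration.

```python
"""Merge two CycloneDX documents via a simplified intermediate representation (IR)
and report what the conversion drops. The IR here is hypothetical, not Surfactant's."""
import json

# Constructed inputs. SBOM_A mimics a file-level SBOM (hashes, no purl);
# SBOM_B mimics a package-manager SBOM (purls, licenses, dependency graph).
SBOM_A = {
    "bomFormat": "CycloneDX", "specVersion": "1.5", "version": 1,
    "components": [
        {"type": "file", "name": "app.js",
         "hashes": [{"alg": "SHA-256", "content": "aa" * 32}],
         "properties": [{"name": "installPath", "value": "/opt/app/app.js"}]},
    ],
}
SBOM_B = {
    "bomFormat": "CycloneDX", "specVersion": "1.5", "version": 1,
    "metadata": {"component": {"type": "application", "name": "app", "version": "1.0.0",
                               "bom-ref": "pkg:npm/app@1.0.0", "purl": "pkg:npm/app@1.0.0"}},
    "components": [
        {"type": "library", "name": "lodash", "version": "4.17.21",
         "bom-ref": "pkg:npm/lodash@4.17.21", "purl": "pkg:npm/lodash@4.17.21",
         "licenses": [{"license": {"id": "MIT"}}]},
    ],
    "dependencies": [
        {"ref": "pkg:npm/app@1.0.0", "dependsOn": ["pkg:npm/lodash@4.17.21"]},
    ],
}

# Fields the hypothetical IR keeps per component; anything else is lost on conversion.
KEPT = {"name", "version", "purl", "hashes", "bom-ref"}


def component_key(c):
    """Identity used for de-duplication: purl, else SHA-256, else name@version."""
    if c.get("purl"):
        return c["purl"]
    for h in c.get("hashes", []):
        if h.get("alg") == "SHA-256":
            return "sha256:" + h["content"]
    return f'{c["name"]}@{c.get("version", "")}'


def cdx_to_internal(doc):
    """CycloneDX dict -> {'software': {key: entry}, 'relationships': set, 'dropped': set}."""
    ir = {"software": {}, "relationships": set(), "dropped": set()}
    comps = list(doc.get("components", []))
    meta = doc.get("metadata", {}).get("component")
    if meta:
        comps.append(meta)
    ref_to_key = {}
    for c in comps:
        key = component_key(c)
        ir["software"][key] = {k: c[k] for k in KEPT if k in c}
        ir["dropped"].update(set(c) - KEPT)  # record what this IR cannot represent
        if c.get("bom-ref"):
            ref_to_key[c["bom-ref"]] = key
    for d in doc.get("dependencies", []):
        src = ref_to_key.get(d["ref"])
        for tgt in d.get("dependsOn", []):
            if src and tgt in ref_to_key:
                ir["relationships"].add((src, "DEPENDS_ON", ref_to_key[tgt]))
    return ir


def merge(a, b):
    """Union two IRs; same-key entries are merged field-wise, with a's values winning on conflict."""
    out = {"software": dict(a["software"]), "relationships": set(a["relationships"]),
           "dropped": set(a["dropped"]) | set(b["dropped"])}
    for key, entry in b["software"].items():
        merged = dict(entry)
        merged.update(out["software"].get(key, {}))
        out["software"][key] = merged
    out["relationships"] |= b["relationships"]
    return out


def internal_to_cdx(ir):
    """IR -> CycloneDX 1.5 dict. Component type defaults to 'library' because the IR lost it."""
    comps = []
    for key, e in ir["software"].items():
        c = {"type": "library", "bom-ref": e.get("bom-ref", key)}
        c.update(e)
        comps.append(c)
    deps = {}
    for src, _, tgt in sorted(ir["relationships"]):
        deps.setdefault(src, []).append(tgt)
    return {"bomFormat": "CycloneDX", "specVersion": "1.5", "version": 1, "components": comps,
            "dependencies": [{"ref": r, "dependsOn": t} for r, t in deps.items()]}


def merge_cyclonedx(doc_a, doc_b):
    """Return (merged CycloneDX document, sorted list of field names lost in conversion)."""
    ir = merge(cdx_to_internal(doc_a), cdx_to_internal(doc_b))
    return internal_to_cdx(ir), sorted(ir["dropped"])


if __name__ == "__main__":
    merged, lost = merge_cyclonedx(SBOM_A, SBOM_B)
    print(json.dumps(merged, indent=2))
    print("fields lost in conversion:", lost)
```

Running it shows the three components merged with the dependency edge intact, while `type`, `licenses` and `properties` are reported as dropped: exactly the kind of information a real reader has to decide how to preserve (or document as lost) when the intermediate format was designed around file-level metadata rather than package-manager metadata.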