Closed NyanKiyoshi closed 1 month ago
@NyanKiyoshi thank you so much for the PR - I'm working on getting #124 integrated and will then come back here, answer questions, and get this shaped up and ready for merge
Cleaning up this PR and responding to @NyanKiyoshi's questions and getting it incorporated into the next release.
Thank you so so much @NyanKiyoshi for the contribution here
Thank you @spiffcs!
This adds support for denying all packages and only allowing selected ones by implementing support for `mode: "allow"`.
Fixes: https://github.com/anchore/grant/issues/101
Such as:
Example
**Config:**

```yaml
rules:
  - pattern: "BSD-*"
    name: "bsd-allow"
    mode: "allow"
    reason: "BSD is compatible with our project"
    exceptions:
      - asgiref
  - pattern: "*"
    name: "default-deny-all"
    mode: "deny"
    reason: "All licenses need to be explicitly approved (allowlist)"
```

Results:

```
$ ./main.bin check bom.json -o table --show-packages -vvv
[0000] INFO grant version: [not provided]
[0000] DEBUG config:
  log:
    quiet: false
    level: trace
    file: ""
  dev:
    profile: none
  config: .grant.yaml
  output: table
  show-packages: true
  non-spdx: false
  quiet: false
  osi-approved: false
  rules:
    - name: bsd-allow
      reason: BSD is compatible with our project
      pattern: BSD-*
      severity: ""
      mode: allow
      exceptions:
        - asgiref
    - name: default-deny-all
      reason: All licenses need to be explicitly approved (allowlist)
      pattern: '*'
      severity: ""
      mode: deny
      exceptions: []
[0000] TRACE worker stopped component=eventloop
[0000] TRACE signal exit component=eventloop
* bom.json
  * license matches for rule: bsd-allow; matched with pattern BSD-*
    * BSD-3-Clause
      * asgiref
  * license matches for rule: default-deny-all; matched with pattern *
    * 0BSD
      * Authlib
    * New BSD
      * click-plugins
    * OSI Approved
      * oauthlib
check failed
```
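A small Go model of the allowlist evaluation the config and output above describe, added here as an illustration; it is not code from this PR or from grant. It assumes the first matching rule decides, that an exception inverts the rule's mode for the named package (which is how the `asgiref` line in the output reads), and that a malformed pattern fails closed; `evaluate`, `prRules` and `example-pkg` are hypothetical names.

```go
package main

import (
	"fmt"
	"path"
)

// Rule mirrors the fields used in the YAML config from the PR description.
type Rule struct {
	Name, Pattern, Mode string
	Exceptions          []string
}

// evaluate returns the deciding rule's name and whether the package is denied.
// Assumptions (not taken from grant's source): the first rule whose glob matches
// the license wins, an exception flips that rule's mode for the named package,
// and a malformed pattern denies rather than silently skipping the rule.
func evaluate(rules []Rule, pkg, license string) (string, bool) {
	for _, r := range rules {
		matched, err := path.Match(r.Pattern, license)
		if err != nil {
			return r.Name, true // fail closed on a bad pattern
		}
		if !matched {
			continue
		}
		denied := r.Mode == "deny"
		for _, e := range r.Exceptions {
			if e == pkg {
				denied = !denied
			}
		}
		return r.Name, denied
	}
	return "", false // no rule matched; unreachable with a trailing "*" deny rule
}

// prRules reproduces the two rules from the config above.
func prRules() []Rule {
	return []Rule{
		{Name: "bsd-allow", Pattern: "BSD-*", Mode: "allow", Exceptions: []string{"asgiref"}},
		{Name: "default-deny-all", Pattern: "*", Mode: "deny"},
	}
}

func main() {
	// Package/license pairs from the output above, plus one constructed allowed package.
	inputs := [][2]string{{"asgiref", "BSD-3-Clause"}, {"example-pkg", "BSD-3-Clause"},
		{"Authlib", "0BSD"}, {"click-plugins", "New BSD"}, {"oauthlib", "OSI Approved"}}
	for _, in := range inputs {
		rule, denied := evaluate(prRules(), in[0], in[1])
		fmt.Printf("%-14s %-13s rule=%-17s denied=%v\n", in[0], in[1], rule, denied)
	}
}
```

Under these assumptions `0BSD` and `New BSD` fall through to `default-deny-all` because neither matches the `BSD-*` glob, so each license spelling has to be allowlisted explicitly.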