anchore / syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Apache License 2.0

Enable dotnet-deps-cataloger by default for images and show relationship to dotnet-portable-executable-cataloger artifacts #2637

Open westonsteimel opened 4 months ago

westonsteimel commented 4 months ago

What would you like to be added:

Consider enabling the dotnet-deps-cataloger by default for images and show the relationship to artifacts discovered by the dotnet-portable-executable-cataloger. This is important because the portable executable metadata often doesn't contain enough information to understand which actual nuget package a portable executable belongs to, and currently the vulnerability data is only available for the nuget package name and version.

Why is this needed: To properly match to potential vulnerabilities using grype. https://github.com/anchore/grype/issues/1693 is a specific example which demonstrates the current issues with solely relying on the data from the dotnet-portable-executable-cataloger for image scans.
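As an added illustration (not syft's code and not from this thread), the script below shows what a consumer of a syft JSON SBOM could do once both catalogers run: pair each portable-executable artifact with the deps.json package that declares a DLL of the same file name, and use that link to pick the NuGet name and version a scanner should match on. The artifact field names and the file-name heuristic are assumptions for this example, not syft's schema or its planned implementation.

```python
from pathlib import PurePosixPath

# Constructed sample SBOM, loosely modelled on syft's JSON output. The field
# names (foundBy, locations, metadata.path) are assumptions for illustration,
# not a statement of syft's actual schema.
SAMPLE_SBOM = {
    "artifacts": [
        {"id": "pkg-deps-1", "name": "Newtonsoft.Json", "version": "13.0.1",
         "foundBy": "dotnet-deps-cataloger", "locations": [{"path": "/app/MyApp.deps.json"}],
         "metadata": {"path": "lib/netstandard2.0/Newtonsoft.Json.dll"}},
        {"id": "pkg-pe-1", "name": "Newtonsoft.Json", "version": "13.0.1.25517",
         "foundBy": "dotnet-portable-executable-cataloger",
         "locations": [{"path": "/app/Newtonsoft.Json.dll"}], "metadata": {"assemblyVersion": "13.0.0.0"}},
        {"id": "pkg-pe-2", "name": "MyApp", "version": "1.0.0.0",
         "foundBy": "dotnet-portable-executable-cataloger",
         "locations": [{"path": "/app/MyApp.dll"}], "metadata": {}},
    ],
}

def link_pe_to_deps(sbom):
    """Pair each PE artifact with the deps.json package that declares a DLL
    of the same file name. Returns (parent_id, child_id, type) tuples."""
    deps_by_dll = {}
    for art in sbom["artifacts"]:
        if art["foundBy"] == "dotnet-deps-cataloger":
            dll = PurePosixPath(art["metadata"]["path"]).name.lower()
            deps_by_dll[dll] = art["id"]
    rels = []
    for art in sbom["artifacts"]:
        if art["foundBy"] != "dotnet-portable-executable-cataloger":
            continue
        for loc in art["locations"]:
            parent = deps_by_dll.get(PurePosixPath(loc["path"]).name.lower())
            if parent:
                rels.append((parent, art["id"], "contains"))
    return rels

def match_coordinates(sbom):
    """For each PE artifact, return the (name, version) a scanner should use:
    the linked NuGet package where a relationship exists, else the PE's own."""
    by_id = {a["id"]: a for a in sbom["artifacts"]}
    parent_of = {child: parent for parent, child, _ in link_pe_to_deps(sbom)}
    out = {}
    for art in sbom["artifacts"]:
        if art["foundBy"] == "dotnet-portable-executable-cataloger":
            # Unlinked PEs (no deps.json entry) fall back to their own metadata.
            src = by_id.get(parent_of.get(art["id"]), art)
            out[art["id"]] = (src["name"], src["version"])
    return out
```

The unlinked `MyApp.dll` case shows why the fallback matters: without a deps.json entry the scanner only has the PE's file version, which is the situation the request describes.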

wagoodman commented 3 months ago

I know this came up before -- but if this is logically one package should we attempt to portray that on one package instead of associating two packages?