* Favour software license policy data over data from the scan report
* Merge configured policies with reported licenses
* Extract license_scan scope
* Add #canonical_id to SoftwareLicense
* Update the JSON schema for the licenses list entity
* Move classes to the SCA namespace
* Remap classifications to the new terms
* Ensure invalid scan report does not cause a failure