Refactor alpine importer

[Hritik14]

• add license to alpine advisory
• diff yaml and JSON from alpine secdb
• consider using alpine distro main/arch/version in alpine purls
• switch to using json fo alpine secbd instead of YAML
• Most of Add patched package  #436 need to be revisited as we are now losing data
• Importers without a vulnerable package list #449

via https://github.com/nexB/vulnerablecode/wiki/WeeklyMeetings#meeting-on-thursday-2021-07-15-at-1200-utc

[TG1999]

diff yaml and JSON from alpine secdb

What does this mean and what is needed to be done for this?

[Hritik14]

@TG1999 Alpine provides a YAML and JSON representation of the advisories, take for example https://secdb.alpinelinux.org/v3.10/. We need to test if they are exactly the same, if yes then it's much better to parse JSON than YAML.

[TG1999]

Hi Hritik, I have tested that json and yaml provides same response, so there is no difference in both of them and we can go with parsing of json response instead of yaml response

[TG1999]

I have written some code here https://gist.github.com/TG1999/96d848bc81636ab5712f296dcc8b471b to validate this

[pombredanne]

@keshav-space ping since you are working on Alpine