feat: improved triage process

[mastersans]

Improved Triage Process
tasklist for my tracking shouldn't take long to finish it up.

• implement functionality to check linkage between sbom and vex(should be part of seprate PR)
• take information for reason of updating vex from user to be used by lib4vex for updating the vex file
• write test for functionality
• remove older test related to the functionality
• write documentation. (maybe a full page explaining triage and triaging process)

[mastersans]

@terriko @anthonyharrison this PR is ready for review, and test regarding this PR is underway will add soon, also the currently failing test, ill fix in sepreate PR those are due to the cyclonedx vex test file being outdated after lib4sbom release, this PR also include some changes from #4160

[terriko]

Minor nit around using Path instead of os.path below, also can you do the a minimaldocs change so that the argument is correct in https://github.com/intel/cve-bin-tool?tab=readme-ov-file#full-option-list and the similar conent in MANUAL.md? You can just fill in the same sentences you have currently in the help text into the appropriate stub sections in MANUAL.md. I know you're working on a bigger docs update but I just want to make sure we're not too out of sync while you work on the bigger tutorial and stuff.

[terriko]

Not sure what's going on here but it looks like maybe a missing if statement for a key check?

 =========================== short test summary info ============================
FAILED test/test_output_engine.py::TestOutputEngine::test_output_file - KeyError: 'product'
FAILED test/test_output_engine.py::TestOutputEngine::test_output_file_filename_already_exists - KeyError: 'product'
FAILED test/test_output_engine.py::TestOutputEngine::test_output_file_incorrect_filename - KeyError: 'product'
FAILED test/test_output_engine.py::TestOutputEngine::test_output_file_wrapper - KeyError: 'product'

[terriko]

Looking good. We'll need to double-check that the docs match the changed arguments, but I think that was going in a separate PR so I won't make you fit it in here.

Also, I don't think you want to do it for GSoC but we should maybe have a conversation about whether there's anything else out of our old triage system (the one that did time series data and stuff) that we want to rename or remove still.