BC: make CycloneDX\Core\Spec\Spec internal

[jkowalleck]

Lately, every time this library got spec-based enhancements, a breaking change was flagged,
Always because of changes to the interface CycloneDX\Core\Spec\Spec .

Changes to CycloneDX\Core\Spec\Spec were needed, because new features were required for the normalizers and spec-feature-set description.
The alternative would be to create a new interface with every feature release, and use interface unions that become longer and longer ...

Technically, a change to CycloneDX\Core\Spec\Spec is a breaking-change for one reasons:
the interface is public and downstream implementations might break when the interface was changed, but the downstream implementation did not receive matching changes.

Downstream-implementations of CycloneDX\Core\Spec\Spec is a RARE CASE,
since all needed implementation should happen in this library already. The CycloneDX\Core\Spec\SpecFactory takes care of it.
Therefore, I would argue, that it would be okay to make the interface CycloneDX\Core\Spec\Spec private/internal.

Since php does not support private classes, since everything is loadable as long as one knows how to access it, the CycloneDX\Core\Spec\Spec should be flagged as @internal in its DocBlock.

To make this possible breaking change even more prominent, lets rename CycloneDX\Core\Spec\Spec to CycloneDX\Core\Spec\_Protocol. With underscore to mark it as internal, in addition to the DocBlock.

---

result would be, that adding new spec-features would no longer cause a breaking change,

---

goal:

• rename CycloneDX\Core\Spec\Spec to CycloneDX\Core\Spec\_SpecProtocol
• mark CycloneDX\Core\Spec\_SpecProtocol as @internal in DocBlock