Extend PURL Scan API endpoint to run another second code scanning tool, for virus detection with clamav

[pombredanne]

Given a PURL, this is about scanning code for virus with clamav. This will be exposed in the purldb

• Create a ScanCode.io addon pipeline to run a clamav scan on a codebase scancode.io#1182
• Enable calling ScanCode.io virus scanner from the collect/ API endpoint #443

[keshav-space]

Completed in:

• Implement a ScanForVirus Pipeline #1182 scancode.io#1193
• Include virus report in the resource extra_data field scancode.io#1250
• Enable scan_for_virus addon pipeline in /api/collect endpoint #452

The simple way to test this is to follow the below steps after installing PurlDB (https://github.com/nexB/purldb?tab=readme-ov-file#installation):

1. Go to /api/collect/ add PURL for indexing. ex: /api/collect/?purl=pkg:gnu/libiconv@1.17&addon_pipelines=scan_for_virus
2. Once the indexing has completed go to /api/resources/and filter out resource based on PURL to see the virus_report for malicious resource in extra_data field. ex: /api/resources/?purl=pkg:gnu/libiconv@1.17