Fix sanitizer config

[wouterj]

I ran into some issues specifying allowed elements in the sanitizer config. I think the config is broken as-is. So I copy pasted the config from Symfony's FrameworkBundle and made it work with the guides extension instead.
Meanwhile, I also made it a bit nicer for non-XML config (they can now use array keys instead of the name option).

I'm not sure why the Guides extension allows specifying multiple sanitizer configs and then setting one name as the sanitizer to use. What is the use case of these other sanitizers? If we only use one sanitizer, I suggest simplifying the config by removing the multiple sanitizer variant.

At last, I added a minimal test to verify the config works. During this test, I discovered the usage of a vendor_dir parameter. This couples the DI config to Composer's vendor directory conventions and package names. I replaced them with a relative import, which are relative to the config file location. In a future version of guides-cli, you may want to deprecate the vendor_dir parameter.

[wouterj]

Both the old and new config work, but it's not (nicely) possible to combine simple type (string content) and complex type (attributes/child elements) in XSD. The schema has been updated to a complex type, to allow specifying the allowed attributes, which means this file had to be updated to conform to the new schema.

[jaapio]

Thanks, I think most things have been done because I didn't know the better way to do this.
As all tests are passing we can safely merge this.

I agree with you that we should deprecate the old config keys that are no longer needed.