Cleaning up VersionScheme a bit #911

Closed
ctron opened this issue Oct 9, 2024 · 3 comments
Assignees
Labels
Advisories bug Something isn't working

Comments

@ctron
Contributor

ctron commented Oct 9, 2024

Coming out of #900 … I think we need to clean up the VersionScheme a bit.

  • The "version scheme" (aka "version type") is something being used by OSV and the CVE data. Possibly others.
  • It currently is a string, both in Rust as well as in the database
  • I wasn't able to find an authoritative list of values that we support
  • In some cases we just use "semver" when we mean "exact version", which leads to incorrect results (as 1 should be equal to 1.0 for exact versions, or versions like 1a and 1b would fail).
  • There is a table called version_scheme, which lists some versions schemes, including a description. We don't seem to use that table at the moment.

I think it makes sense to:

  • Convert the "version scheme" into a Rust enum
  • Have it as the authoritative list of version schemes we support
  • Compile a list of supported variants (from OSV, CVE, and possibly others)
  • Align this with the database version compare functions
  • Drop the version_scheme table (for now)
  • Ensure that using semver_cmp actually makes sense, and fix if it doesn't (like generic)
@ctron ctron self-assigned this Oct 9, 2024
@ctron ctron added bug Something isn't working Advisories labels Oct 9, 2024
@ctron ctron added this to Trustify Oct 9, 2024
@ctron ctron moved this to In progress in Trustify Oct 9, 2024
@ctron
Contributor Author

ctron commented Oct 11, 2024

Ok, here is the actual list from the CVE data:

cves git:(main) find -name "CVE-*.json" -exec jq '.containers.cna.affected?[]?.versions?[]?.versionType | select (. != null )' {} \; | sort -u
" "
"*"
"0"
"0.0.0"
"0.1"
"0.278.0"
"0.284.0"
"0.4.1"
"0.5.2"
"0.8.4"
"1.0.1"
"1.0.2303.633 "
"1.0.39"
"10.4.3"
"10.4.4"
"10.6.2"
"10.7.0"
"10.7.1"
"10.9.0"
"10.9.1"
"11.0"
"1.10.6"
"1.1.1"
"11.1"
"1.1.13"
"11.1.3.1"
"11.2"
"11.3.2400.25"
"11.3.2416.04"
"1.1.6"
"1.20"
"12.0.14"
"1.2.21"
"12.2.11"
"1.2.3"
"12.4.11"
"12431"
"1.2.6"
"12.6.8"
"12.7.4"
"128104"
"128238"
"128248"
"128250"
"12.8.3"
"128317"
"128329"
"1.3.2"
"13.2.5"
"13.3.3"
"13.5"
"1.4.13"
"14730"
"14810"
"15.4"
"1.7"
"170900"
"17.5"
"1.x.x"
"2023.2"
"2023.2.1"
"2023.2.3"
"2023.3"
"2023.3.1"
"2024.3"
"2.0 TDI"
"2.0 to 2.13"
"2.0 to 2.14"
"2.11.2"
"2.11.35"
"2.11.42"
"2.1.2b"
"2.13.20"
"2.13.24"
"2.17.3.0"
"22.11"
"22.1.6"
"2.25.2"
"2.4.17"
"24.2 series"
"2.5.25"
"2.6.13"
"2.7.18"
"2.7.2"
"2.7.4"
"2.78"
"2.82"
"2.9.11"
"2.x.y"
"2.x.y.z"
"3005.5, 3006.6"
"3.0.10"
"3.0.13"
"3.0.14"
"30.2.1"
"3.1.10"
"3.1.6"
"32.4.0"
"33.6.0"
"3.59.4"
"3.6.0"
"3.7.9"
"3.8.2"
"3.9.1"
"4001"
"4.0.4"
"4.0.5"
"4.0.6"
"4.1.1"
"4.2.4"
"4.3.0.119"
"4.3.1"
"4.4.0.118"
"4.4.x and earlier"
"4.6.0.105"
"4.7.0.103"
"5.3.32"
"5.3.34"
"5.3.396.0"
"5410"
"5714"
"5715"
"5717"
"6.0.14"
"6.0.17"
"6.0.19"
"6.1.4"
"6.1.6"
"6.1.7"
"6.2.2"
"6.3.0"
"6401"
"6601"
"7.*"
"7001"
"7.0 u3m"
"7.0 U3m, 8.0 U1b"
"7.0U3o"
"7.1.x"
"7270"
"7271"
"7.2.x"
"7.4.x"
"7.5 series"
"7.6 series"
"7.x"
"8.*"
"8.0.0 to 9.2.0"
"8.0 u1b"
"8.0U2"
"8110"
"8121"
"8.17.0"
"8.3.0.9"
"8.x.x"
"9.0.0.6"
"9.1.0.3"
"9.16"
"9.2.0.2"
"9.3.0.1"
"affected"
"all"
"All"
"ALL"
"all releases"
"all version"
"Android"
"ArcGIS Server"
"B04"
"B19"
"c"
"Client and server"
"commit"
"Commit Hash"
"commit-id"
"cpe"
"\"custom\""
"custom"
"Custom"
"custom0"
"custom 4.6.19"
"date"
"Delete"
"enterprise support only"
"enterprise Support Only"
"firmware"
"firmware update"
"firwmare update"
"fix"
"Full release"
"general availability"
"general release"
"git"
"hardware"
"hotfix"
"Hotfix"
"IceWall Federation Agent"
"IceWall Gen11 Enterprise Edition"
"IceWall SSO Agent Option"
"kubelet v1.24"
"kubelet v1.25"
"kubelet v1.26"
"kubelet v1.27"
"LessThan"
"LoadMaster"
"macOS"
"maintenance release"
"major"
"Major"
"major release"
"maven"
"Minor"
"minor release"
"minor releases"
"N/A"
"NA"
"npm"
"original_commit_for_fix"
"oss"
"OSS"
"patch"
"Patch"
"patch 1"
"patch 10"
"Patch 1 (2022-12-19)"
"patch 322.2"
"patch release"
"patch update"
"PI"
"Platform Initialization"
"Plugin Feed ID #202306261202 "
"Portal for ArcGIS Enterprise Sites Security Patch"
"product"
"purl"
"python"
"Q23094"
"Q23097"
"Q23105"
"Q23115"
"Q23121"
"Q23164"
"Q23166"
"Q23169"
"Q23173"
"range"
"RC"
"release"
"Release"
"release bundle"
"release train"
"routing_release"
"rpm"
"rpm, exe"
"se"
"sem"
"SEM"
"semver "
"semver"
"semver 2.0.0"
"server"
"Server"
"SP 6"
"SP 7"
"SPL"
"Stable"
"T0986H01^AAY "
"T0986L01^AAZ"
"update"
"Update"
"V1.0.0B01"
"V1.0.0B04"
"V1.0.0B07"
"V1.0.0B18MR"
"v1.20.5"
"V2.0.0B16"
"V3.0.0B05"
"V7.23.20"
"V7.23.23"
"version"
"Version"
"v.x.y.z"
"vx.y.z"
"Windows"
"y.x.z"
"y.x.z.z"

@ctron
Contributor Author

ctron commented Oct 11, 2024

The only reasonable ones I seem to get out of this list are:

"commit"
"date"
"git"
"maven"
"npm"
"python"
"rpm"
"semver"

I could imagine mapping those to commit (same for some "semver" variants):

"Commit Hash"
"commit-id"
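The following is an added example (not Trustify's code and not from any of the comments above) sketching the two points raised in this thread: the enum proposed in the opening comment, with a `FromStr` that accepts the handful of values called reasonable here and folds the "Commit Hash" / "commit-id" / "semver " spellings onto them, and a side-by-side of "exact version" equality versus a strict semver comparison, showing why 1 and 1.0 are equal under the former and why 1a cannot be handled by the latter. The variant set, the normalisation rules and the `semver_cmp` helper are assumptions made for illustration; the real project may choose differently.

```rust
use std::cmp::Ordering;
use std::str::FromStr;

/// Version schemes this example recognises. Constructed for illustration:
/// the variants are the values called "reasonable" in the thread.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum VersionScheme {
    Commit,
    Date,
    Git,
    Maven,
    Npm,
    Python,
    Rpm,
    Semver,
}

/// Returned for any value that is not on the supported list.
#[derive(Debug, PartialEq, Eq)]
pub struct UnknownScheme(pub String);

impl FromStr for VersionScheme {
    type Err = UnknownScheme;

    fn from_str(raw: &str) -> Result<Self, Self::Err> {
        // Normalise before matching: the CVE data contains "semver " with a
        // trailing space and mixed-case spellings such as "Commit Hash".
        let key = raw.trim().to_ascii_lowercase();
        let scheme = match key.as_str() {
            "commit" | "commit hash" | "commit-id" => Self::Commit,
            "date" => Self::Date,
            "git" => Self::Git,
            "maven" => Self::Maven,
            "npm" => Self::Npm,
            "python" => Self::Python,
            "rpm" => Self::Rpm,
            "semver" | "semver 2.0.0" => Self::Semver,
            _ => return Err(UnknownScheme(raw.to_string())),
        };
        Ok(scheme)
    }
}

/// Split into dot-separated components and drop trailing "0" components,
/// so "1", "1.0" and "1.0.0" all normalise to ["1"].
fn exact_components(v: &str) -> Vec<&str> {
    let mut parts: Vec<&str> = v.trim().split('.').collect();
    while parts.len() > 1 && parts.last() == Some(&"0") {
        parts.pop();
    }
    parts
}

/// Equality for the "exact version" case: component-wise string equality
/// after normalisation. Non-numeric components such as "1a" are accepted.
pub fn exact_eq(a: &str, b: &str) -> bool {
    exact_components(a) == exact_components(b)
}

/// Minimal strict semver comparison (assumed helper, not a full parser):
/// exactly three numeric components, otherwise None. This is the failure
/// mode the issue describes when "semver" is used for exact versions.
pub fn semver_cmp(a: &str, b: &str) -> Option<Ordering> {
    fn parse(v: &str) -> Option<[u64; 3]> {
        let mut it = v.trim().split('.');
        let major: u64 = it.next()?.parse().ok()?;
        let minor: u64 = it.next()?.parse().ok()?;
        let patch: u64 = it.next()?.parse().ok()?;
        if it.next().is_some() {
            return None;
        }
        Some([major, minor, patch])
    }
    Some(parse(a)?.cmp(&parse(b)?))
}

/// Partition raw versionType strings into recognised schemes and rejects.
pub fn classify(values: &[&str]) -> (Vec<VersionScheme>, Vec<String>) {
    let mut accepted = Vec::new();
    let mut rejected = Vec::new();
    for v in values {
        match v.parse::<VersionScheme>() {
            Ok(s) => accepted.push(s),
            Err(e) => rejected.push(e.0),
        }
    }
    (accepted, rejected)
}

fn main() {
    // Constructed sample drawn from the spellings listed in the thread.
    let sample = ["semver ", "Commit Hash", "commit-id", "custom", "1.x.x", "npm"];
    let (ok, bad) = classify(&sample);
    println!("recognised: {ok:?}");
    println!("rejected:   {bad:?}");
    println!("exact 1 == 1.0: {}", exact_eq("1", "1.0"));
    println!("exact 1a == 1b: {}", exact_eq("1a", "1b"));
    println!("semver 1 vs 1.0: {:?}", semver_cmp("1", "1.0"));
}
```

Keeping the rejects visible (rather than silently defaulting them to semver) is the point of the `classify` split: unknown strings become a review list instead of a comparison that quietly returns wrong results.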

@ctron
Contributor Author

ctron commented Oct 16, 2024

Closed by #907

@ctron ctron closed this as completed Oct 16, 2024
@github-project-automation github-project-automation bot moved this from In progress to Done in Trustify Oct 16, 2024