Package up the local scanner as a flake

[raboof]

Currently the flake.nix is still rather developer-oriented, eventually it should package the scanner as a 'user-consumable' package.

Remaining tasks:

• rename CVENix/local-security-scanner to something neater?
• add a wrapper to the default package so sbomnix is available without the user needing to do anything for it
• when the user provides a --path, don't take the sbom.cdx.json that happens to be in the current directory - but perhaps cache it in the cacheDirectory keyed by the (resolved) path.