As part of upstream work at dependabot-graph, we've migrated to using
the SBOM API, which provides a more reasonable data model, and a better
understanding of the

This is a breaking change as we remove the existing functionality, as we
don't want anyone to use it any more 😅

As we know that the current version of the GitHub SBOM API returns an
SPDX-2.3 SBOM, we can integrate with the work done as
part of #21 to produce a `domain.SBOMDependency`.

As this is now using SBOM types, this moves the underlying database
table, and requires we deprecate the current `dependabot` table.

Closes #161.