make_fossa_deps_conan.py conan 2.22 graph info compatability

[csasarak]

Overview

Working with the make_fossa_deps_conan.py script and conan 2.22 some errors were encountered.

Conan now wraps the graph in a "graph" object and exports the nodes as named objects. Also some more information is directly available.

The changes in this PR correspond to the new structure and are actively used at Miele & Cie. KG in multiple CI pipelines to check license compliance.

For questions please contact friedrich.may@miele.com (my work email). Submitted on behalf of Miele.

Dupe of #1626 to get around CI.

Acceptance criteria

If this PR is successful, what impact does it have on the user experience?

Example: When users do X, Y should now happen.

Testing plan

How did you validate that this PR works? What literal steps did you take when manually checking that your code works?

Example:

1. Set up test case X.
2. Run command Y. Make sure Z happens.

This section should list concrete steps that a reviewer can sanity check and repeat on their own machine (and provide any needed test cases).

Risks

Highlight any areas that you're unsure of, want feedback on, or want reviewers to pay particular attention to.

Example: I'm not sure I did X correctly, can reviewers please double-check that for me?

Metrics

Is this change something that can or should be tracked? If so, can we do it today? And how? If its easy, do it

References

Add links to any referenced GitHub issues, Zendesk tickets, Jira tickets, Slack threads, etc.

Example:

• ANE-123: Implement X.

Checklist

• I added tests for this PR's change (or explained in the PR description why tests don't make sense).
• If this PR introduced a user-visible change, I added documentation into docs/.
• If this PR added docs, I added links as appropriate to the user manual's ToC in docs/README.ms and gave consideration to how discoverable or not my documentation is.
• If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an ## Unreleased section at the top.
• If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json AND I have updated example files used by fossa init command. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).
• If I made changes to a subcommand's options, I updated docs/references/subcommands/<subcommand>.md.

[spatten]

This will break on older versions of conan, right? Do we want to support both versions?

I think we could do that by looking at the type of graph.get('nodes', []). Something like this:

  nodes_data = graph.get('nodes', [])
  if isinstance(nodes_data, list):
      nodes_iter = nodes_data  # Conan 1.x
  else:
      nodes_iter = nodes_data.values()  # Conan 2.x

It would be worth testing against both versions, IMO, to make sure that there aren't other breaking changes