Feat: prevent unknwon enums from rendering (#496)

- fixes #490
- BC: Component serialization may throw `cyclonedx.exception.serialization.SerializationOfUnsupportedComponentTypeException`
- feat: serialization have own exceptions of `cyclonedx.exception.serialization.*`
- tests: lots of (functional) tests related to enums and serialization
- misc: bump `py-serializable@^0.15` -> `@^0.16`


details & progress: 

- [x] `DataFlow`
- [x] `Encoding`
- [x] `HashAlgorithm` 
- [x] `ExternalReferenceType`
       convert "unknown" to `other`
- [x] `component.ComponentScope`
- [x] `component.ComponentType`.   > tests done, migrator open  
       Unclear how to proceed. dropping the info is a bad idea here.   
       Best would be to throw an exception and abort the rendering.
- [x] `component.PatchClassification`
- [x] `impact_analysis.ImpactAnalysisAffectedStatus`
- [x] `impact_analysis.ImpactAnalysisJustification`
- [x] `impact_analysis.ImpactAnalysisResponse`
- [x] `impact_analysis.ImpactAnalysisState`
- [x] `issue.IssueClassification`
- [x] `vulnerability.VulnerabilityScoreSource` 
         convert "unknown" to `other`
- [x] `vulnerability.VulnerabilitySeverity`

---------

Signed-off-by: Jan Kowalleck <[email protected]>

Author: jkowalleck

cyclonedx/exception/model.py

@@ -63,7 +63,6 @@ class NoPropertiesProvidedException(CycloneDxModelException):
     """
     Raised when attempting to construct a model class and providing NO values (where all properites are defined as
     Optional, but at least one is required).
-
     """
     pass
 

cyclonedx/exception/serialization.py

@@ -0,0 +1,50 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# Copyright (c) OWASP Foundation. All Rights Reserved.
+
+
+"""
+Exceptions relating to specific conditions that occur when (de)serializing/(de)normalizing CycloneDX BOM.
+"""
+
+from . import CycloneDxException
+
+
+class CycloneDxSerializationException(CycloneDxException):
+    """
+    Base exception that covers all exceptions that may be thrown during model serializing/normalizing.
+    """
+    pass
+
+
+class CycloneDxDeserializationException(CycloneDxException):
+    """
+    Base exception that covers all exceptions that may be thrown during model deserializing/denormalizing.
+    """
+    pass
+
+
+class SerializationOfUnsupportedComponentTypeException(CycloneDxSerializationException):
+    """
+    Raised when attempting serializing/normalizing a :py:class:`cyclonedx.model.component.Component`
+    to a :py:class:`cyclonedx.schema.schema.BaseSchemaVersion`
+    which does not support that :py:class:`cyclonedx.model.component.ComponentType`
+    .
+    """
+
+
+class SerializationOfUnexpectedValueException(CycloneDxSerializationException, ValueError):
+    """
+    Raised when attempting serializing/normalizing a type that is not expected there.
+    """