Improve dependency detection for NuGet #155

@tngraf

The detection should be more accurate. If the project references `(runtimepack.)Microsoft.NETCore.App`,
`(runtimepack.)Microsoft.WindowsDesktop.App` or `(runtimepack.)Microsoft.AspNetCore.App`, then only
these top-level packages shall get added to the SBOM and not also all sub-packages.

.NET builds contain `*.deps.json` files that hold a detailed list of dependencies. Nevertheless, NETCore,
WindowsDesktop and/or AspNetCore are only referenced when you do a build that is self-contained
or has been done using the publish command.

The resulting SBOM shall also not contain any analyzers, build, test or mocking packages that are not part
of the final delivery.
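
One way the requested filtering could work on a parsed `*.deps.json` document, as an added example that is not code from this project. The function names, the `.Runtime.<rid>` suffix handling, the name-prefix deny-list for test and mocking packages, and the sample data are all assumptions made for illustration.

```python
# Framework packages named in the issue. The "runtimepack." prefix is optional and a
# ".Runtime.<rid>" suffix is tolerated (assumption about self-contained builds).
FRAMEWORKS = ("Microsoft.NETCore.App", "Microsoft.WindowsDesktop.App",
              "Microsoft.AspNetCore.App")
# Constructed deny-list of test/mocking/analyzer name prefixes (assumption).
DEV_PREFIXES = ("xunit", "moq", "coverlet.", "microsoft.net.test.sdk",
                "microsoft.codeanalysis.analyzers")

def is_framework(name):
    base = name[len("runtimepack."):] if name.startswith("runtimepack.") else name
    return any(base == f or base.startswith(f + ".Runtime.") for f in FRAMEWORKS)

def is_dev_only(name):
    return name.lower().startswith(DEV_PREFIXES)

def sbom_components(deps):
    """Return the sorted 'name/version' keys to list for one parsed deps.json."""
    target = deps["targets"][deps["runtimeTarget"]["name"]]
    libs = deps.get("libraries", {})
    depended_on = {f"{n}/{v}" for entry in target.values()
                   for n, v in entry.get("dependencies", {}).items()}
    stack = [k for k in target if k not in depended_on]  # top-level entries
    seen, keep = set(), set()
    while stack:
        key = stack.pop()
        if key in seen or key not in target:
            continue
        seen.add(key)
        name = key.split("/", 1)[0]
        if is_dev_only(name):
            continue  # drop it and do not follow its dependencies
        if libs.get(key, {}).get("type") != "project":
            keep.add(key)
        if is_framework(name):
            continue  # list the framework itself, not its sub-packages
        stack.extend(f"{n}/{v}" for n, v in target[key].get("dependencies", {}).items())
    return sorted(keep)

# Constructed sample in the deps.json layout (not taken from a real build).
SAMPLE = {
    "runtimeTarget": {"name": ".NETCoreApp,Version=v2.1"},
    "targets": {".NETCoreApp,Version=v2.1": {
        "App/1.0.0": {"dependencies": {"Microsoft.NETCore.App": "2.1.0",
                                       "Newtonsoft.Json": "13.0.1", "Moq": "4.20.0"}},
        "Microsoft.NETCore.App/2.1.0": {"dependencies": {"NETStandard.Library": "2.0.3"}},
        "NETStandard.Library/2.0.3": {}, "Newtonsoft.Json/13.0.1": {},
        "Moq/4.20.0": {"dependencies": {"Castle.Core": "5.1.1"}},
        "Castle.Core/5.1.1": {}}},
    "libraries": {"App/1.0.0": {"type": "project"}}}
```

A sub-package that is also referenced directly by the project or by another kept package is still listed, because the walk only stops descending at framework and deny-listed entries.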

Labels: enhancement (New feature or request)