Fix fsct relationship issue

[viveksahu26]

This PR includes the following checks:

• It verifies if a component is part of the primary dependencies:
  • If it is:
    • The compIsPartOfPrimaryDependency flag is set to true.
    • It then checks if the component has direct dependencies:
      • If it does, the compWithDirectDependency flag is set to true.
  • If it is not:
    • The compIsPartOfPrimaryDependency flag is set to false.

Other:

• ValidRelationshipProvidedForPrimaryComp set to true: if the dependencies of primary comp is provided as well as those dependencies are listed in the SBOM component list.

Maturity Level:

• Recommended: if a comp is a part of primary comp dependencies as well as comp has direct dependencies && ValidRelationshipProvidedForPrimaryComp as true.
• Minimum: if a comp is a part of primary comp dependencies with zero direct dependencies && ValidRelationshipProvidedForPrimaryComp as true.
• NONE: if comp is not a part of primary comp dependencies or ValidRelationshipProvidedForPrimaryComp as false.

NOTE: In some cases, the maturity level may be labeled as "Minimum," with the Component Relationship field left empty. This indicates that the component is part of the primary component's dependencies but has no additional direct or indirect dependencies. Here, the term "included-in" can be used. By replacing the empty Component Relationship field with "included-in," it becomes self-explanatory and clarifies the component’s relationship. For now it's empty, but if you suggest then we can add it. Also reference for that.