Update to upstream version '2.0.0'
with Debian dir d438110f17cfb1081789abeec22d514580f875e5

The previous commit updated the format of release, and we must not reuse releases
created before, hence the bump.

Use only the intrinsic version (eg. 1.0.0) instead of the extrinsic version
(eg. stretch/contrib/1.0.0).
Releases should only contain data from DSC, not external 'pointers' to them.

Additionally, having extrinsic data in releases means the same
dsc-sha256 extid can point to different releases, which meant the loader
may reuse a release mentioning a specific suite as a release in a
different suite.
With this commit, this won't be a problem anymore, as releases won't
mention the suite at all, so suites can safely share extids.

'version' was documented as the intrinsic version (eg. '0.7.2-3') and
'full_version' as the one containing the suite name (eg. 'stretch/contrib/0.7.2-3').

In practice, it was the opposite, except in a few incorrect test.

This commit fixes said tests, and renamed 'full_version' to
'intrinsic_version'.

This is only a refactoring, the behavior is unchanged for now;
but a future commit will remove the 'version' (which is extrinsic) from
the release name (which should contain only data intrinsic to the DSC).

Update to upstream version '1.3.0'
with Debian dir fe23ecbce454661586c67881705b3115a7c3240f

In order to check successful download of a package file, the debian loader
will compare sha256 or sha1 checksum of the file with the one located in
debian dsc file.

However for old debian-based distributions (some ubuntu old releases for
instance) the only available checksum in the dsc file is a md5 sum.

So add a fallback to use md5 sum to check successful download when sha*
checksum is missing in the dsc file.

Related to T2400

The maven loader loads jar and zip files as Maven artefacts into the software heritage archive.

Note:
Supersedes D6158 and addresses the review done in that diff.

Related to T1724

Update to upstream version '1.2.1'
with Debian dir dababf92fb9f1bc86bd4d7776227e268a271aefc

Related to T3763

Update to upstream version '1.2.0'
with Debian dir 32ec5e7ab2bbd5bda9d774880b0051af4fa87123

So package loaders can actually finish their ingestion even when multiple releases
target the same directory.

Related to T3763

Loading task function must be named load_{visit_type} in order for
the scheduler to sucessfully create loading tasks.

Visit type name for debian packages is deb so the loading task
function must be renamed to load_deb.

Related to T2400

Some debian source package metadata have extra sha1 sums for their
files, for instance those from the ubuntu hirsute suite.

So add an optional sha1 field in DebianFileMetadata model in order
to avoid loading errors.

Related to T2400

To match the current version of the code.

Update to upstream version '1.1.0'
with Debian dir fec0107989c4ac87b7ad0b863bf9f356512e90de

To be consistent with Git.

Authors: use the empty string '' instead of placeholders
Message: use the same message format (inspired by the Debian loader)
 for all loaders, instead of the empty string / the version /
 something else; except for PyPI and Deposit (which have a better
 format because we have more metadata available).

Additionally, this commit adds test of each release object,
instead of only relying on its hash.

Update to upstream version '1.0.1'
with Debian dir 983afa4f71f57cc74ac43b1360590b3bf1b4914e

Update to upstream version '1.0.0'
with Debian dir 0fa609457b8581fb7ffd8cf21bb9956f947f8951

Half the loaders already had a version field in their PackageInfo class;
and the version name needed to be passed almost everywhere p_info already did.

This removes some duplication and inconsistencies between loaders.