fix: reduce warn levels to debug for unactionable errors

[kzantow]

Description

This PR just updates the majority of WARN log calls to DEBUG, these should all be messages that contain information that really isn't actionable by the user: for example, a user wouldn't be expected to modify the material that they are scanning to fix package.json errors, these would likely be in a prebuilt container or other source not controlled by the user; and a user would not be expected to modify syft code due to a bug.

I've tried to leave as warnings things that are actionable, things like invalid configuration: misconfigured cache directories, invalid cataloger selection, etc.. I've also updated any uses of log.WithFields that were also using a formatted message to just include the data as fields, e.g. log.WithFields(..).Debugf(...) -> log.WithFields(..., <data used in Debugf>).Debug(...).

• Fixes syft should not warn on known bad package.json #3470

Type of change

• Bug fix (non-breaking change which fixes an issue)

Checklist:

• I have added unit tests that cover changed behavior
• I have tested my code in common scenarios and confirmed there are no regressions
• I have added comments to my code, particularly in hard-to-understand sections

[spiffcs]

I checked each file.

If we're sticking with the philosophy that Warn should only be something that the user can take an action on then this PR get's us closer to that goal.

I'm a little worried about throwing some of these over the wall and making the Debug output more crowded with these messages, but maybe the next step after this PR is to start pruning those messages down based on feedback of what we find useful.

Also, more information is always better when debugging so these might be overblown concerns.