This issue is related to spdx/spdx-java-model-2_X#33 and has identical behaviour and an identical fix.
The regex that validates PackageDownloadLocation tags rejects git URLs with underscores in the repository name:
```python
git_pattern = "(git\\+git@[a-zA-Z0-9\\.\\-]+:[a-zA-Z0-9/\\\\.@\\-]+)"
```
Example of a line from an SBOM that doesn't validate (because of the underscore in the repo name) but should:
```
PackageDownloadLocation: git+git@github.com:zephyrproject-rtos/CMSIS_6@06d952b6713a2ca41c9224a62075e4059402a151-off
```
Proposed fix:
- git_pattern = "(git\\+git@[a-zA-Z0-9\\.\\-]+:[a-zA-Z0-9/\\\\.@\\-]+)"
+ git_pattern = "(git\\+git@[a-zA-Z0-9\\.\\-]+:[a-zA-Z0-9/\\\\.@\\-_]+)"
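Review bot: On the `+` line the new `_` is appended after `\\-` at the very end of the path character class, so it is read as a literal only because the hyphen before it is escaped. Placing it ahead of the hyphen (`...@_\\-]+`) keeps the class correct even if that escape is later dropped. The host class before the `:` is unchanged, so underscores are still rejected there; if that is intentional, say so in the commit message. A regression test using the `CMSIS_6` download location quoted above would keep this case covered.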