We agreed to rename jsonutil/puritan to jsonutil/safejson, and to cut
back its scope, to only address the most problematic fields right
while working towards validating every field down the road, using a
combination of ad-hoc parsers and field tagging.
Also, address all the review feedback (thanks pedronis, niemeyer,
and zyga).
by the time puritan gets a json []byte it's already been checked for
validity, so we don't need to check check things that are invalid json.
Added explicit tests for the checks I removed, just in case.
I didn't set out to do this, but to try to increase coverage... and
all these ifs would always stay red :-)
In some cases snapd is given a string it can't be sure is safe to print to
the user's terminal.
With this change, jsonutil will have the tools to deal with that
safely. store/details.go and store/details_v2.go use it to decode
everything the store sends.
