cyclonedx-gomod

Capture vendored modules in stdlib

Open nscuro opened this issue 2 years ago • 0 comments

The Go standard library is vendoring a small selection of modules in such a way that they don't interfere with other versions of those modules in the module graph, see https://github.com/golang/go/blob/master/src/README.vendor

Vendored modules (as of Go 1.17.7) include:

golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e
golang.org/x/net v0.0.0-20220106012031-21a9c9cfe9c3

Those modules are currently not captured at all (for mod) or only as packages (for app).

While for mod we can simply load std as a normal module that uses vendoring, including this in app is a little trickier.

go list -deps doesn't recognize modules in $GOROOT/src/vendor as modules (which is by design):

```
$ cd $GOROOT/src
$ go list -deps -f '{{ with .Module }}{{ .Path }}{{ end }}' ./...
(No output)

$ go list -deps -f '{{ .ImportPath }}' ./... | grep '^vendor'
vendor/golang.org/x/crypto/cryptobyte/asn1
vendor/golang.org/x/crypto/cryptobyte
vendor/golang.org/x/net/dns/dnsmessage
vendor/golang.org/x/crypto/internal/subtle
vendor/golang.org/x/crypto/chacha20
vendor/golang.org/x/crypto/poly1305
vendor/golang.org/x/sys/cpu
vendor/golang.org/x/crypto/chacha20poly1305
vendor/golang.org/x/crypto/curve25519
vendor/golang.org/x/crypto/hkdf
vendor/golang.org/x/text/transform
vendor/golang.org/x/text/unicode/bidi
vendor/golang.org/x/text/secure/bidirule
vendor/golang.org/x/text/unicode/norm
vendor/golang.org/x/net/idna
vendor/golang.org/x/net/http/httpguts
vendor/golang.org/x/net/http/httpproxy
vendor/golang.org/x/net/http2/hpack
```

nscuro, Feb 14 '22 16:02
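One way to attribute the `vendor/...` import paths from the listing above to a module and version, so they can appear in an SBOM as modules rather than bare packages. This is an added example, not cyclonedx-gomod's code and not part of the original issue. It assumes the `modules.txt` layout that `go mod vendor` writes (found at `$GOROOT/src/vendor/modules.txt`); `sampleModulesTxt`, `parseVendoredPackages` and `resolveVendored` are hypothetical names.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Constructed sample in vendor/modules.txt layout; versions as quoted in the issue.
const sampleModulesTxt = `# golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e
## explicit; go 1.17
golang.org/x/crypto/chacha20
# golang.org/x/net v0.0.0-20220106012031-21a9c9cfe9c3
golang.org/x/net/idna
`

// parseVendoredPackages maps each vendored package path to "module@version".
func parseVendoredPackages(modulesTxt string) map[string]string {
	pkgs, current := map[string]string{}, ""
	sc := bufio.NewScanner(strings.NewReader(modulesTxt))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		switch {
		case line == "" || strings.HasPrefix(line, "##"): // blank or "## explicit" annotation
		case strings.HasPrefix(line, "# "): // module header: "# <path> <version>"
			current = ""
			if f := strings.Fields(line[2:]); len(f) >= 2 && strings.HasPrefix(f[1], "v") {
				current = f[0] + "@" + f[1]
			}
		case current != "": // package line belonging to the current module
			pkgs[line] = current
		}
	}
	return pkgs
}

// resolveVendored maps a `go list -deps` import path from $GOROOT/src to its module.
func resolveVendored(importPath string, pkgs map[string]string) (string, bool) {
	if !strings.HasPrefix(importPath, "vendor/") {
		return "", false
	}
	mod, ok := pkgs[strings.TrimPrefix(importPath, "vendor/")]
	return mod, ok
}

func main() {
	pkgs := parseVendoredPackages(sampleModulesTxt)
	fmt.Println(resolveVendored("vendor/golang.org/x/net/idna", pkgs))
}
```

A path that is under `vendor/` but has no entry in `modules.txt` resolves to `false`, which is worth surfacing as an SBOM gap rather than dropping silently.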