all: use depaware to track core package dependencies

[nsrip-dd]

The github.com/tailscale/depaware tool lists the dependencies for an individual package. depaware also identifies OS-specific dependencies and dependencies which use unsafe or cgo code. depaware produces a file which is checked in alongside each package and must be kept up-to-date. This makes it easy to examine dependency changes during code review.

The benefit of generating dependency information for individual packages as opposed to the whole module is that, in our case, the whole module has a huge dependency graph because of all the contrib packages. Our customers probably won't be using most of the contrib packages for a given app, they probably will be using tracing, profiling, or ASM.

Add depaware.txt files for the core non-contrib/ packages, as well as a GitHub workflow to check the depaware.txt files, a script to update the files, and documentation for contributors.

Resolves #1300

[Julio-Guerra]

Good job and integration idea (without contribs) 👏
Here is an example of how to put a comment on the PR if needed: https://github.com/Julio-Guerra/gitflow-gh-automation-example/blob/main/.github/workflows/release-candidate.yml#L51-L56