Safer dependency resolution

Open ngld opened this issue 4 years ago • 0 comments

  • FSO itself isn't handled as a normal dependency on the package level and instead becomes a special case on the mod-level
  • during resolution, all dependencies that are missing a required package are skipped and resolution proceeds with the (potentially older) matches
  • all resolution matches that would add new transitive dependencies (i.e. mods that aren't listed on the main mod's -mod list) are skipped because we can't automatically generate the -mod list and having a dependency that's not listed in -mod is guaranteed to break things
  • default to >=1.2.3,<1.3.0 where 1.2.3 is the currently installed version of a dependency
  • by default only a simple version to select the version range with a drop down will be supplied, advanced users can instead enable a text field that supports full semver specs
  • warn uploaders if they try to upload a new minor or patch release after changing dependencies
  • record currently installed dependency versions during upload, show these versions to users (not sure where but should be easy to find for troubleshooting purposes)
  • prominently show currently used dependency versions to users and give them an option to edit them (on installation and launch)

Refs:

  • https://www.hard-light.net/forums/index.php?topic=94068.msg1907676#msg1907676 (pinning deps would waste disk space)
  • https://www.hard-light.net/forums/index.php?topic=94068.msg1907718#msg1907718 (pinning deps puts a burden on uploaders, we have to clearly explain semver, semver works great if everyone complies with it, "newest" as version spec should die in a fire)
  • https://discord.com/channels/223511295431933953/372927881048883201/807368530281496646 (some discussion about current dependency issues and the above compromise)

ngld • Feb 06 '21 19:02
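A sketch of the resolution rules proposed above, as an added example that is not Knossos code: the default range is derived from the installed version, and the newest in-range release is chosen unless it lacks a required package or pulls in a dependency missing from the main mod's -mod list. The release records, mod IDs and field names (`packages`, `dependencies`) are constructed for illustration.

```python
import re

def parse(v):
    return tuple(int(p) for p in v.split("."))

def default_range(installed):
    # Default from the issue: >=X.Y.Z,<X.(Y+1).0 for the installed version.
    major, minor, _ = parse(installed)
    return f">={installed},<{major}.{minor + 1}.0"

def satisfies(version, spec):
    # Supports only the ">=" and "<" clauses that the default range uses.
    for clause in spec.split(","):
        op, bound = re.fullmatch(r"(>=|<)(\d+\.\d+\.\d+)", clause.strip()).groups()
        v, b = parse(version), parse(bound)
        if (op == ">=" and v < b) or (op == "<" and v >= b):
            return False
    return True

def resolve(spec, releases, mod_list, required_pkgs):
    """Return (chosen version or None, [(skipped version, reason), ...])."""
    skipped = []
    for rel in sorted(releases, key=lambda r: parse(r["version"]), reverse=True):
        if not satisfies(rel["version"], spec):
            continue
        if set(required_pkgs) - set(rel["packages"]):
            # Missing a required package: skip, fall back to an older match.
            skipped.append((rel["version"], "missing required package"))
        elif set(rel["dependencies"]) - set(mod_list):
            # Would add a mod that is not on the main mod's -mod list.
            skipped.append((rel["version"], "new transitive dependency"))
        else:
            return rel["version"], skipped
    return None, skipped

# Constructed sample data (hypothetical mod and package names).
MOD_LIST = ["assets", "base"]
RELEASES = [
    {"version": "1.2.3", "packages": ["core", "hd"], "dependencies": ["base"]},
    {"version": "1.2.4", "packages": ["core", "hd"], "dependencies": ["base"]},
    {"version": "1.2.5", "packages": ["core"], "dependencies": ["base"]},
    {"version": "1.2.6", "packages": ["core", "hd"], "dependencies": ["base", "extra_fx"]},
    {"version": "1.3.0", "packages": ["core", "hd"], "dependencies": ["base"]},
]

if __name__ == "__main__":
    print(resolve(default_range("1.2.3"), RELEASES, MOD_LIST, ["core", "hd"]))
```

The skipped list is what a troubleshooting view could show next to the selected version, so users can see why a newer release was passed over.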