Support for multiple-constraint direct origin dependencies with same version

[radoering]

Resolves: #4810
Resolves: #5447
Resolves: #5714

• Added tests for changed code.
• Updated documentation for changed code.

Prior to #5640 dependencies with same version from different sources were merged, which led to incorrect lock files. However, according to #4810 at least in some cases the installer was able to mitigate the incorrect lock files by installing a suitable wheel anyway.

With #5640 instead of generating incomplete lock files a solver error is raised. Although, in terms of correctness that's an improvement, it could also be considered a minor regression by some users. This PR, improves the handling of multiple-constraint direct origin (path, url, git) dependencies fundamentally.

The first commit of this PR enables the provider/solver to handle multiple-constraint direct origin dependencies correctly by considering them as duplicates and not merging them by version anyway. However, that is not enough to create correct lock files because the installer discards direct origin dependencies with same name and version as well.

In order to enable the installer to handle this kind of dependencies a new Repository type, which can distinguish between multiple direct origin dependencies with the same version, is introduced.

Further, a consistent order of direct origin dependencies in the lock file is ensured.

[neersighted]

LGTM, but one last question -- does the base Repository class have any direct instances anymore, or could we migrate it to be an abstract base class?

[radoering]

The base class still has several (more than 10) direct instances.

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.