Improved Package.resolved stability and dependency resolution reliability

Tuist now resolves Swift Package Manager dependencies through a subprocess-based resolver instead of linking SwiftPM internals directly. This insulates the CLI from changes in SwiftPM’s internals and, combined with more faithful lockfile handling, should reduce unexpected churn in Package.resolved. Declared dependency locations, existing pins, and SemVer build metadata are now preserved across runs, so the lockfile stays byte-stable unless something actually changes.