sha256 and size in ls dependencies json for archive dependencies

[aherrmann]

This adds sha256 and size fields to the output of ls dependencies json in case of archive dependencies (PLIArchive). See #5274 for motivation.

Note, this does not change the output in case of Hackage or repository dependencies. To my understanding, the PackageLocationImmutable data type does not provide this information for Hackage or repository dependencies. Instead, it provides the BlobKey/TreeKey size and hashes which are specific to pantry and not directly applicable to check the hash of a fetched tarball, as explained here.

Please let me know if there is a good way to obtain regular sha256/size values for these dependencies within stack, then I'd be happy to extend this change accordingly. Alternatively, users could use all-cabal-hashes for Hackage dependencies.

Please include the following checklist in your PR:

• Any changes that could be relevant to users have been recorded in the ChangeLog.md
  Let me know if this is required, if this change ends up still being included in v2.3.0.1 then it seems unnecessary to add an additional changelog entry about this feature, since ls dependencies json is a new feature itself.
• The documentation has been updated, if necessary.
  Likewise, this is only a small addition to ls dependencies json, so additional documentation seems not necessary.

Please also shortly describe how you tested your change. Bonus points for added tests!

The integration test suite contains 4101-dependency-tree which is affected by this change. I have adapted the test to take the additional sha256 and size fields into account.

[snoyberg]

Can you add a ChangeLog entry for this?

[aherrmann]

Can you add a ChangeLog entry for this?

Sure, done. I've also rebased on latest master.

[snoyberg]

Thanks!