Add configurable check to dissallow unsafe checksum algorithms in source information
We want to ensure that we can disallow unsafe checksum algorithms (e.g. SHA-1, MD5) in the package sources. This can be ensured by checking out the package source repo and parsing its .SRCINFO file.