Fix logic for marking crate as "multi"

[louisdewar]

Checklist

• I have read the Contributor Guide
• I have read and agree to the Code of Conduct
• I have added a description of my changes and why I'd like them included in the section below

Description of Changes

Fixed the logic that marks crates as "multi" (i.e. crates that are included multiple times under different names). Previously the code used "chunks" to iterate over a node's dependencies, which would yield non-overlapping pairs of dependencies. The issue arises in the following situation:

ab|b'c|de|

Here the dependency b is included twice but the chunking means that a&b are compared, and so are b'&c, but never b&b'.

The new code uses a sliding window checking pairs like:

ab|bb'|b'c|cd|de

Due to Rust's mutability rules we have to use indexes rather than a nice iterator since no &mut windows() method exists (as it would be unsound).

Related Issues

#69 (in particular see: #69 (comment))

Testing

I've cloned cargo-deny locally and set the krates dependency to my local version and then ran it on my project (using cargo run -- --manifest-path ~/my/to/my/rust/project/Cargo.toml check advisories) and it worked. I then set the krates dependency back to 0.16 and then re-ran the command and it failed with:

internal error: entered unreachable code: unable to locate sensitive-headers for crate tower-http 0.4.4 (registry+https://github.com/rust-lang/crates.io-index) features(["default", "trace", "tracing"])
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

So I'm confident my change has fixed the issue I was facing.

[Jake-Shadle]

Thanks!