feature request: have lockfiles record the git commit of pin-depends

[Armael]

I'm using opam lock on a .opam file that includes some pin-depends that point to git repositories.
Currently, the generated lockfile will simply use the same pin depends pointing to the main branch of the git repo (whose contents may change in the future).

Instead, I would like the lockfile to record the hash of the git commit at the time of locking and record it in its pin-depends.

To be extra robust I'm also wondering if the lockfile should craft a version number for the pinned package that contains the hash (so we'd have a pin-depends of the form: [ "foo.git-xxxxxx" "git+https://foo/foo.git#xxxxx" ] in the lockfile). Otherwise, with just a pin to a foo.git version, I've observed scenarios where, when upgrading to a newer lockfile, if I cancel the rebuild of foo with ^C then opam will think that the installation is in a good state because it is unable to tell that the currently installed foo.git is from an outdated pin...