Run PackageValidation to ensure that produced packages are public API identical with upstream versions

[ViktorHofer]

APICompat's PackageValidation compares generated packages against baseline versions. SBRP is a perfect use-case for that to ensure that produced packages are public API identical to the upstream versions. PackageValidation should be configured to run in strict mode to enforce no additions and no omissions.

This would need to be conditioned on whether online sources are available to not introduce new prebuilts.

cc @NikolaMilosavljevic @MichaelSimons

[MichaelSimons]

[Triage] It feels like this would be wasting a lot of compute if it were run in CI/PR validation for every package. Ideally this would only be run for packages that are changing. This could also apply to when build config changes are made.

[ViktorHofer]

APICompat is fast. Yes it has overhead which will be noticeable but not in the multiple minutes margin. I would measure this with a binlog.

[MichaelSimons]

APICompat may be fast but you still have to pull the nuget package you want to compare against right?

[ViktorHofer]

Yes