
Gap in poison leak detection for marker files and hash comparison #5297

@mthalman

Description


When assets are marked for poisoning, it performs a set of actions including the following:

  • Inject a poison marker file into each nupkg
  • Create a catalog of the files and their hashes

At the end of the build, when detecting any leaks, it performs these checks:

  • Check whether a poison marker file exists in the nupkg
  • Check whether any file matches a hash in the poisoned catalog

The issue is that these specific checks are only being done for prebuilt packages, not for previously source built packages.

You can see here that prebuilts and PSBs are treated separately with different marker files and poison catalogs: https://github.com/dotnet/dotnet/blob/2dfd0aa278fc5a46c7f5e881584d0895aaac68fc/eng/init-poison.proj#L28-L29. And when the poison check occurs, it is only checking for the marker file and catalog that correspond to the prebuilts: https://github.com/dotnet/dotnet/blob/2dfd0aa278fc5a46c7f5e881584d0895aaac68fc/eng/PublishSourceBuild.props#L32-L36

Note that this issue does not apply to poisoned assemblies. Those are being checked correctly.

This functionality was introduced in dotnet/installer#10961 which means that it has been around since at least .NET 6.
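To illustrate the gap, here is an added Python example (not code from dotnet/dotnet) that runs the marker-file and hash checks over an in-memory nupkg against two poison sets; the marker names, catalog contents and package layout are constructed for the example.

```python
import hashlib
import io
import zipfile

# Constructed marker-file names and catalogs standing in for the two sets the
# issue describes (prebuilts vs. previously source-built, PSB). The names and
# sample contents are assumptions for this example, not the repo's real ones.
PSB_DLL = b"constructed bytes of a previously source-built assembly"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

POISON_SETS = {
    "prebuilt": {"marker": ".prebuilt.xml",
                 "catalog": {sha256_hex(b"constructed prebuilt assembly")}},
    "psb": {"marker": ".psb.xml", "catalog": {sha256_hex(PSB_DLL)}},
}

def build_nupkg(files: dict) -> bytes:
    """Build an in-memory nupkg (a zip archive) from {path: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for path, data in files.items():
            z.writestr(path, data)
    return buf.getvalue()

def find_leaks(nupkg: bytes, sets: dict) -> list:
    """Return (set_name, reason, path) for every marker-file or hash hit."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(nupkg)) as z:
        for info in z.infolist():
            digest = sha256_hex(z.read(info))
            for name, s in sets.items():
                if info.filename == s["marker"]:
                    hits.append((name, "marker", info.filename))
                if digest in s["catalog"]:
                    hits.append((name, "hash", info.filename))
    return hits

# A package that leaks a PSB-poisoned assembly together with its PSB marker.
LEAKY_PKG = build_nupkg({"lib/net8.0/Foo.dll": PSB_DLL, ".psb.xml": b"<poison/>"})

def check_prebuilt_only(pkg: bytes) -> list:
    """The gap: only the prebuilt marker and catalog are consulted."""
    return find_leaks(pkg, {"prebuilt": POISON_SETS["prebuilt"]})

def check_all_sets(pkg: bytes) -> list:
    """Consult every poison set so a PSB leak is reported too."""
    return find_leaks(pkg, POISON_SETS)
```

Running `check_prebuilt_only(LEAKY_PKG)` returns no hits, while `check_all_sets(LEAKY_PKG)` reports both the PSB marker file and the catalog hash match.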

Labels: area-poison (Poison leaks and the leak detection infrastructure)

Status: Done