* ✓ adds additional checks for vendored profiles
This PR adds additional checks to verify if:
- inspec.yml and inspec.lock dependencies are out-of-sync
- complains about a missing lock file if we have dependencies defined
* skip if legacy profile path is used
* Fix unit tests.
* Force static sha256 for lock files and protect from unnamed depends.
* Add vendor profiles for checks. Windows downloads with different sha256.
