Add dependency mapping RFC addendum

[sophiewigmore]

Summary

Related to resolving https://github.com/paketo-buildpacks/packit/issues/420 Readable

Use Cases

Checklist

• [X] I have viewed, signed, and submitted the Contributor License Agreement.
• [X] I have linked issue(s) that this PR should close using keywords or the Github UI (See docs)
• [X] I have added an integration test, if necessary.
• [X] I have reviewed the styleguide for guidance on my code quality.
• [X] I'm happy with the commit history on this PR (I have rebased/squashed as needed).

[ryanmoran]

I don't think this needs to be its own file. I think you can modify the existing RFC with this addendum content. Should make it easier to find.

[ryanmoran]

Should the addendum show that the old format is still supported? We don't mean to make the original SHA256-only format non-functional with this change, right?

[sophiewigmore]

That's what this line is meant to explain:

The dependency mapping implementation in the project will continue to support the use of a sha256 as long as the sha256 buildpack.toml field is supported; however, users of this feature should ideally use a checksum.

I can make this clearer though with an example.

[davidmirror-ops]

WG 11-15-2022: OK to merge