Make spotfire.spk deny list checking more robust

[bbassett-tibco]

In PYSRV-185 we implemented a deny list to avoid someone bundling a different version of one of our core dependent python packages in a custom SPK.  This checks the requirements.txt file embedded in the spotfire module, but that currently fails if there's not a space between the package name and the version constraints.  For example:  
numpy == 1.2.3
works fine, but
numpy==1.2.3
while legal in Python requirements.txt is not properly detected and removed.  

We should handle both to avoid issues in the future.  

Issue migrated from TIBCO Software JIRA [PYSRV-252] created by jorobert

[bbassett-tibco]

Changed from the simple string split originally used to a requirements parser provided by 'setuptools' in the pkg_resources module. (I think it's the same logic as used by 'pip', but I haven't traced the logic to confirm; it's vendored into pip, so it's likely.)