Implement mechanism to notify/update source-build-externals components

[MichaelSimons]

Historically, components in source-build-externals have only been upgraded when source-build breaks usually because of an api breaking change. We need a mechanism that helps us be more proactive at staying up-to-date with the versions the product has dependencies on. If a repo has the dependency declared as a version.props and has a V.D.xml dependency declared on SBRP, the SB infra will override the repo's dependency version. This could cause upgrades or downgrades.

At a minimum, there should exist a mechanism that provides an indication when source-build-externals does not match the product's dependencies. Automation on top of this would be nice to have (e.g. issue logged/PR created).

[MichaelSimons]

An additional scenario is to flag when an SBE package is no longer being referenced at all by the product.

[MichaelSimons]

Add back the untriaged tag so that this get's discussed in triage. I conjecture the importance of this has risen given the SBRP and SBE consolidation as well as the removal of prebuilt detection at the repo level.