[WIP]: Integrate checksum in kpm workflow

[NishantBansal2003]

1. Does this PR affect any open issues?(Y/N) and add issue references:

fix #394

• N
• Y

2. What is the scope of this PR (e.g. component or file name):

pkg/client/client.go

3. Provide a description of the PR(e.g. more details, effects, motivations or doc link):

This PR adds a checksum verification step to the kpm workflow to enhance the security and integrity of third-party dependencies. The integration ensures that each package’s checksum is validated during downloading, preventing unauthorized or tampered packages from being incorporated into the project.

• Affects user behaviors
• Contains syntax changes
• Contains variable changes
• Contains experimental features
• Performance regression: Consumes more CPU
• Performance regression: Consumes more Memory
• Other

4. Are there any breaking changes?(Y/N) and describe the breaking changes(e.g. more details, motivations or doc link):

• N
• Y

5. Are there test cases for these changes?(Y/N) select and add more details, references or doc links:

• Unit test
• Integration test
• Benchmark (add benchmark stats below)
• Manual test (add detailed scripts or steps below)
• Other

[NishantBansal2003]

I will address the failing CI after this PR (kcl-lang/modules#243) is merged (mostly resolved on its own) and once I receive reviews on the current checksum integration code design.

[Peefy]

cc @zong-zhe