Fix dependency version checking

[sodic]

This is how how Wasp consolidates user dependencies with framework dependencies as of Wasp 0.12.0 (taken from original discussion in #1602 (comment)):

For each dependency, decide which version we allow.

• If the user doesn't specify that dependency in their package.json, Wasp lists it in {sever,web-app}/package.json.
• If the user specifies that dependency with the correct version in their package.json, Wasp installs it in the top-level node_modules and doesn't list it in {sever,web-app}/package.json (this is what this PR implements).
• If the user specifies that dependency with the wrong version in their package.json, Wasp reports a conflict and refuses to build (this is what we already do in the old structure, this PR just keeps the behavior).

Since our version conflict check uses single string comparisons (instead of semantically comparing version ranges), it sometimes reports false positives.

For example:

• The user wants a dependency in range ^1.4.1
• Wasp wants a dependency in range ^1.4.0
• The overlapping range is ^1.4.1, but Wasp reports a conflict.

[Martinsos]

This might be become redundant if we go with aliasing wasp deps, since then there is no conflict anymore and we don't need the check anymore.

Edit by @sodic: this one: #1644

[infomiho]

In order to make this happen, we would need to write a parser for semver so we can semantically compare Wasp dep version with user's dep version.

We decided to shelf this task because we feel it's a part of a bigger picture (npm workspaces, aliasing npm deps etc.) and this issue might disappear all together in a different future setup.