Conversation

AmineRaouane
Member

Summary

This PR provides some improvements for the dependency confusion PR.

Description of changes

  • The minimal content heuristic now checks for .pyi files.
  • A second heuristic that checks if the package name contains "stub".

Related issues

None

Checklist

  • I have reviewed the contribution guide.
  • My PR title and commits follow the Conventional Commits convention.
  • My commits include the "Signed-off-by" line.
  • I have signed my commits following the instructions provided by GitHub. Note that we run GitHub's commit verification tool to check the commit signatures. A green verified label should appear next to all of your commits on GitHub.
  • I have updated the relevant documentation, if applicable.
  • I have tested my changes and verified they work as expected.

@oracle-contributor-agreement bot added the "OCA Verified" label (All contributors have signed the Oracle Contributor Agreement) Sep 11, 2025
Member

@behnazh-w left a comment

This PR introduces useful heuristics that are worth merging. However, the way these heuristics are currently combined in the final rules needs some adjustment. Specifically, we still want to manually triage cases where both forceSetup and ANOMALOUS_VERSION are triggered. That said, when forceSetup is not used, we can apply the new heuristics in separate rules to make the detection more precise.

@behnazh-w merged commit 22a4e08 into oracle:main Sep 15, 2025
9 checks passed
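The two heuristics from the PR description (a .pyi-aware minimal-content check and a "stub"-in-name check) together with the rule layering the reviewer asks for (forceSetup plus ANOMALOUS_VERSION always goes to manual triage; the stub heuristics are consulted only in the rules that apply when forceSetup is absent), as an added Python example written for this page. It is not Macaron's code. Apart from forceSetup and ANOMALOUS_VERSION, which the review comment names, every heuristic identifier, the wheel layout, the payload-size threshold, the token-boundary tightening of the name check and the verdict labels are assumptions; the sample wheels are constructed in memory.

```python
"""Added example: stub-package heuristics and a rule layer combining them.

Illustrative code written for this page, not Macaron's implementation.
Heuristic names (other than forceSetup / ANOMALOUS_VERSION), the wheel
layout, the size threshold and the verdict labels are assumptions.
"""
import io
import re
import zipfile
from dataclasses import dataclass, field

FORCE_SETUP = "forceSetup"              # named in the review comment
ANOMALOUS_VERSION = "ANOMALOUS_VERSION"  # named in the review comment
MINIMAL_CONTENT = "MINIMAL_CONTENT"      # hypothetical identifier
STUB_CONTENT = "STUB_CONTENT"            # hypothetical identifier
STUB_NAME = "STUB_NAME"                  # hypothetical identifier

# Members that are not the distribution's real payload.
_NON_PAYLOAD = (".dist-info/", "py.typed", "__pycache__/")
# "stub"/"stubs" as a whole name component (foo-stubs, types-foo-stubs).
_STUB_TOKEN = re.compile(r"(^|[-_.])stubs?([-_.]|$)")


def normalize_name(name: str) -> str:
    """PEP 503 normalisation: lowercase, runs of -_. collapsed to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def name_contains_stub(name: str) -> bool:
    """Second heuristic of the PR: the distribution name contains 'stub'.

    The PR text only says 'contains stub'; matching it as a name component
    is this example's tightening so that words such as 'stubborn' do not
    trigger the heuristic.
    """
    return bool(_STUB_TOKEN.search(normalize_name(name)))


@dataclass
class Inventory:
    payload: list[str] = field(default_factory=list)
    pyi: int = 0
    py: int = 0
    other: int = 0

    @property
    def stubs_only(self) -> bool:
        """True when every payload file is a .pyi type stub."""
        return self.pyi > 0 and self.py == 0 and self.other == 0


def inventory_wheel(wheel_bytes: bytes) -> Inventory:
    """Classify each member of a wheel (a zip archive) by what it contributes."""
    inv = Inventory()
    with zipfile.ZipFile(io.BytesIO(wheel_bytes)) as zf:
        for member in zf.namelist():
            if member.endswith("/") or any(m in member for m in _NON_PAYLOAD):
                continue
            inv.payload.append(member)
            if member.endswith(".pyi"):
                inv.pyi += 1
            elif member.endswith(".py"):
                inv.py += 1
            else:
                inv.other += 1
    return inv


def run_heuristics(name: str, wheel_bytes: bytes,
                   force_setup: bool, anomalous_version: bool,
                   threshold: int = 3) -> dict[str, bool]:
    """Evaluate every heuristic independently; rules combine them below."""
    inv = inventory_wheel(wheel_bytes)
    return {
        FORCE_SETUP: force_setup,
        ANOMALOUS_VERSION: anomalous_version,
        MINIMAL_CONTENT: len(inv.payload) <= threshold,  # assumed threshold
        STUB_CONTENT: inv.stubs_only,                     # the .pyi check
        STUB_NAME: name_contains_stub(name),
    }


def decide(h: dict[str, bool]) -> str:
    """Rule layer following the review comment. Verdict labels are assumed."""
    if h[FORCE_SETUP] and h[ANOMALOUS_VERSION]:
        return "manual-triage"            # never auto-cleared by stub heuristics
    if not h[FORCE_SETUP]:
        if h[MINIMAL_CONTENT] and h[STUB_CONTENT] and h[STUB_NAME]:
            return "benign-stub-package"  # tiny payload explained by typing stubs
        if h[MINIMAL_CONTENT]:
            return "suspicious-minimal-content"
    return "other-rules"                  # rules not modelled in this example


def build_wheel(members: dict[str, bytes]) -> bytes:
    """Construct an in-memory wheel for the constructed samples below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for path, data in members.items():
            zf.writestr(path, data)
    return buf.getvalue()


# Constructed sample: a stubs-only distribution.
STUB_WHEEL = build_wheel({
    "foo-stubs/__init__.pyi": b"def run(x: int) -> str: ...\n",
    "foo-stubs/py.typed": b"",
    "foo_stubs-1.0.dist-info/METADATA": b"Name: foo-stubs\nVersion: 1.0\n",
})

# Constructed sample: a one-file payload that is not a stub package.
THIN_WHEEL = build_wheel({
    "foo/__init__.py": b"# placeholder\n",
    "foo-1.0.dist-info/METADATA": b"Name: foo\nVersion: 1.0\n",
})

if __name__ == "__main__":
    for label, name, wheel, fs, av in [
        ("stubs, no forceSetup", "foo-stubs", STUB_WHEEL, False, False),
        ("thin, anomalous version", "foo", THIN_WHEEL, False, True),
        ("stubs, forceSetup + anomalous", "foo-stubs", STUB_WHEEL, True, True),
    ]:
        print(f"{label}: {decide(run_heuristics(name, wheel, fs, av))}")
```

The point of keeping the heuristics separate from `decide` is the one the reviewer makes: a stubs-only payload may explain a tiny distribution, but it must not short-circuit the forceSetup plus ANOMALOUS_VERSION combination, which still goes to a human.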