Deduplicate filtered dependency graph

[alzimmermsft]

Fixes #2487

Adds logic to de-duplicate the list of MavenProjects being returned by FilteredProjectDependencyGraph.applyFilter to prevent building the same project multiple times in a parallel, multi-module build.

A lengthy comment is added to the main change explaining a situation where the same project could be added multiple times, which I'll repeat here.

Given the following, simplified, aggregate POM where project E has a direct dependency on all of A, B, C, and D.

<modules>
  <module>A</module>
  <module>B</module>
  <module>C</module>
  <module>D</module>
  <module>E</module>
<modules>

If a parallel build was using --pl A,C,E if FilteredProjectDependencyGraph.applyFilter was called with the aggregate POM's MavenProjects (A, B, C, D, and E) and non-transitive and downstream dependencies were being filtered for, the following would happen.

1. A, C, and E would be added to the filtered result as they're in the whitelist.
2. B and D would be scanned for their downstream projects as they aren't in the whitelist and transitive is false.
3. The result of B and D's scanning would find project E as it depends on both projects.

This would result in project E being added to filtered three separate times. Once for being in the whitelist itself and twice more for being a downstream project of two projects not in the whitelist.

I also added a small bit of logic to short circuit being distincting filtered when it would effectively be a wasted no-op, when there is zero or one project in the list.

Following this checklist to help us incorporate your
contribution quickly and easily:

• Your pull request should address just one issue, without pulling in other changes.
• Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
• Each commit in the pull request should have a meaningful subject line and body.
  Note that commits might be squashed by a maintainer on merge.
• Write unit tests that match behavioral changes, where the tests fail if the changes to the runtime are not applied.
  This may not always be possible but is a best-practice.
• Run mvn verify to make sure basic checks pass.
  A more thorough check will be performed on your pull request automatically.
• You have run the Core IT successfully.

If your pull request is about ~20 lines of code you don't need to sign an
Individual Contributor License Agreement if you are unsure
please ask on the developers list.

To make clear that you license your contribution under
the Apache License Version 2.0, January 2004
you have to acknowledge this by using the following check-box.

• I hereby declare this contribution to be licenced under the Apache License Version 2.0, January 2004
• In any other case, please file an Apache Individual Contributor License Agreement.

[slawekjaranowski]

look ok for me @cstamas @gnodet please also look

We need do the same in master.

[cstamas]

Thank you for contribution! 🍻

[alzimmermsft]

Glad to help @cstamas!

If this is also an issue in master, I'm happy to file a PR against it as well.

[cstamas]

Feel free to do so! Let the beer flow... 😄