Trailing slashes in git URLs can be missed easily

[expenses]

Describe the bug

If you have a Cargo.toml that uses a git dependency with a trailing slash, e.g.:

[package]
name = "testxyz"
version = "0.1.0"
edition = "2021"
license = "MIT"

[dependencies]
spirv-std = { git = "https://github.com/EmbarkStudios/rust-gpu/" }

And a deny.toml that allows the same url, but without the trailing slash:

[sources]
unknown-registry = "warn"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
allow-git = ["https://github.com/EmbarkStudios/rust-gpu"]

Then you get the following error:

error[source-not-allowed]: detected 'git' source not explicitly allowed
  ┌─ /home/ashley/projects/work/testxyz/Cargo.lock:9:23
  │
9 │ spirv-std-types 0.4.0 git+https://github.com/EmbarkStudios/rust-gpu/#ebc143b2402195abad4a2b5ba068bf4f6a2e0e6d
  │                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ source
  │
  = spirv-std-types v0.4.0
    ├── spirv-std v0.4.0
    │   └── testxyz v0.1.0
    └── spirv-std-macros v0.4.0
        └── spirv-std v0.4.0 (*)

warning[unmatched-source]: allowed source was not encountered
    ┌─ /home/ashley/projects/work/testxyz/deny.toml:262:14
    │
262 │ allow-git = ["https://github.com/EmbarkStudios/rust-gpu"]
    │              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ no crate source matched these criteria

advisories ok, bans ok, licenses ok, sources FAILED

It's pretty hard to see what's wrong in this case. At the very least, there should be a warning that the two URLs are similar but mismatch. I don't know whether the trailing slash should be ignored for the sake of matching up the URLs. That might be an attack vector and thus not the best idea.

cargo-deny version: 0168e6e.