
Add --uploaded-prior-to as a passthrough option for pip-compile #2358

Open
miettal wants to merge 4 commits into jazzband:main from miettal:add-uploaded-prior-to-passthrough

miettal commented Mar 26, 2026

Expose pip's --uploaded-prior-to option (added in pip 26.0) via pip-compile, allowing users to restrict package candidates to those uploaded before a given datetime for supply-chain security.

Raises an error for pip < 26.0.

Closes #2288

Contributor checklist
  • Included tests for the changes.
  • A change note is created in changelog.d/ (see changelog.d/README.md
    for instructions) or the PR text says "no changelog needed".
Maintainer checklist
  • If no changelog is needed, apply the bot:chronographer:skip label.
  • Assign the PR to an existing or new milestone for the target version
    (following Semantic Versioning).
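
How an upload-time cutoff changes what a resolver can pick, as an added example that is not code from this PR, pip or pip-tools. The package data is constructed, the helper names are hypothetical, and dropping candidates with no upload time and passing the cutoff as an ISO 8601 string are assumptions of this example.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data: (version, upload time) for a hypothetical package.
CANDIDATES = [
    ("1.4.0", "2026-01-10T09:00:00+00:00"),
    ("1.5.0", "2026-03-01T12:00:00+00:00"),
    ("1.5.1", "2026-03-25T18:30:00+00:00"),  # uploaded inside the cooldown window
    ("1.3.9", None),                          # index supplied no upload time
]

def cooldown_cutoff(now, days):
    """Return the cutoff `days` before `now`; naive datetimes are rejected."""
    if now.tzinfo is None:
        raise ValueError("cutoff must be timezone-aware")
    return now - timedelta(days=days)

def eligible(candidates, cutoff):
    """Keep versions uploaded strictly before `cutoff`.

    Assumption of this example: an unknown upload time fails closed (dropped).
    """
    kept = []
    for version, uploaded in candidates:
        if uploaded is None:
            continue
        if datetime.fromisoformat(uploaded) < cutoff:
            kept.append(version)
    return kept

def version_key(version):
    return tuple(int(part) for part in version.split("."))

def pick_latest(candidates, cutoff):
    """Newest version that survives the cutoff, or None if nothing does."""
    kept = eligible(candidates, cutoff)
    return max(kept, key=version_key) if kept else None

def compile_args(pip_version, cutoff):
    """Build a pip-compile command line; refuse pip < 26.0, as the PR text states."""
    major_minor = tuple(int(part) for part in pip_version.split(".")[:2])
    if major_minor < (26, 0):
        raise RuntimeError("--uploaded-prior-to requires pip >= 26.0")
    # Assumption: the cutoff is passed as an ISO 8601 string; requirements.in
    # is a placeholder input file name.
    return ["pip-compile", "--uploaded-prior-to", cutoff.isoformat(), "requirements.in"]
```

With a seven-day cooldown evaluated on 2026-03-26, version 1.5.1 is excluded and 1.5.0 is the newest eligible candidate.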

miettal added 2 commits March 26, 2026 23:05
Expose pip's --uploaded-prior-to option (added in pip 26.0) via
pip-compile, allowing users to restrict package candidates to those
uploaded before a given datetime for supply-chain security.

Raises an error for pip < 26.0.

Closes jazzband#2288
@sirosen sirosen self-requested a review March 26, 2026 15:16
@sirosen sirosen added this to the 7.5.4 milestone Mar 27, 2026
sirosen (Member) commented Mar 27, 2026

This looks great to me. I just put it through its paces in some local tests to confirm that it really works at runtime with no surprises, and I think it's exactly what we want.

I think these tests might be the first cases of patching the _pip_api module to exercise behavior. I hadn't thought of doing that before -- neat!

It looks like CI is failing for unrelated reasons. I'm guessing it's related to the recent build release. I'll work on that separately to unblock this.

Development

Successfully merging this pull request may close these issues.

Consider a setting for delaying dependency updates