Blueapi should not be a valid target for checking out to the scratch repository

[DiamondJoseph]

Blueapi should be a robust, tested and stable platform for developing beamline code. It should be running a known, versioned, release, for reasons including security (reduce attack surface to only what can be run as a plan, not executing all arbitrary code), debugging.

Acceptance Criteria

• If blueapi is in the scratch repositories configuration field, an error message is displayed to the user
• If the scratch init code attempts to install a package named blueapi, it errors gracefully
• There are tests for both of these cases

[callumforrester]

I think this is a fairly simple addition to the scratch code, when pip installing we can fail if the package is called blueapi and display a sensible error message to the user. We should also forbid the URL for this Github repo in the scratch configuration via pydantic validation.