Do not rely on asynchronous import of child_process.

Importing child_process asynchronously causes loader errors when running the
binary dist:

$ ./dist/safe-chain python --safe-chain-logging=verbose
Safe-chain: Bypassing safe-chain for non-pip invocation: python
Failed to check for malicious packages: A dynamic import callback was not specified.
$

Relying on a regular import does not cause this issue. There is no obvious
reason for this import to be dynamic (in particular, there are no tests using
this to mock the spawn function), so let's simplify.

packages/safe-chain/src/packagemanager/pip/runPipCommand.js

@@ -8,6 +8,7 @@ import fsSync from "node:fs";
 import os from "node:os";
 import path from "node:path";
 import ini from "ini";
+import { spawn } from "child_process";
 
 /**
  * Checks if this pip invocation should bypass safe-chain and spawn directly.
@@ -77,7 +78,6 @@ export async function runPip(command, args) {
   if (shouldBypassSafeChain(command, args)) {
     ui.writeVerbose(`Safe-chain: Bypassing safe-chain for non-pip invocation: ${command} ${args.join(" ")}`);
     // Spawn the ORIGINAL command with ORIGINAL args
-    const { spawn } = await import("child_process");
     return new Promise((_resolve) => {
       const proc = spawn(command, args, { stdio: "inherit" });
       proc.on("exit", (/** @type {number | null} */ code) => {