fix potential race in updating inode cache

Some uses of linkFromAnnex are inside replaceWorkTreeFile, which was
already safe, but others use it directly on the work tree file, which
was race-prone. Eg, if the work tree file was first removed, then
linkFromAnnex called to populate it, the user could have re-written it in
the interim.

This came to light during an audit of all calls of addInodeCaches,
looking for such races. All the other uses of it seem ok.

Sponsored-by: Brett Eisenberg on Patreon

Annex/WorkTree.hs

@@ -131,7 +131,7 @@ scanAnnexedFiles initscan = do
 						fileMode <$> R.getFileStatus f
 					ic <- replaceWorkTreeFile (fromRawFilePath f) $ \tmp -> do
 						let tmp' = toRawFilePath tmp
-						linkFromAnnex k tmp' destmode >>= \case
+						linkFromAnnex' k tmp' destmode >>= \case
 							LinkAnnexOk -> 
 								withTSDelta (liftIO . genInodeCache tmp')
 							LinkAnnexNoop -> return Nothing