I tried searching around for this but can't find a topic or bug ticket.
The tl;dr is that the URL used for a package within the Package dependencies value causes a conflict based on case or the inclusion of an extension, rather than validating against the repository itself.
For example, say I have iOS Project A which imports Swift Package B. if iOS Project A uses Alamofire but imports it via
"https://github.com/alamofire/alamofire" and Package B uses Alamofire but imports it via
"https://github.com/Alamofire/Alamofire", SPM is unable to resolve dependencies because it sees these as two individual packages. In Xcode, this then spins indefinitely with no proper error output.
This is annoying but resolvable within a project I own, where I now know of the issue and can simply update the packages, but if iOS Project A imports Swift Package B, which imports Alamofire using either of the URLs above, but then iOS Project A imports the AlamofireImage project, which is outside of my organization and imports Alamofire via another different URL
"https://github.com/Alamofire/Alamofire.git", there's now a conflict and I have to update my packages to match this dependency to resolve them.