use cargo-audit in CI

Run cargo audit in CI to detect if some dependencies have known vulnerabilities.
As of now, it complains about memmap and tempdir being unmaintained (both are test-only deps one is test-only deps the other is an actual dependency of tor-dirmgr).