cargo-audit: lock to version 0.20.0

[sapinb]

Description

Lock cargo audit used in actions to v0.20.0 to workaround issue:

cargo audit
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 664 security advisories (from /Users/sapinb/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1235 crate dependencies)
The application panicked (crashed).
Message:  invalid Cargo.lock dependency tree: Resolution("failed to find dependency: substrate-bn 0.6.0 (git+https://github.com/sp1-patches/bn?tag=substrate_bn-v0.6.0-patch-v2)")
Location: /Users/sapinb/.cargo/registry/src/index.crates.io-6f17d22bba15001f/cargo-audit-0.21.0/src/presenter.rs:114

Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it.
Run with RUST_BACKTRACE=full to include source snippets.

https://github.com/rustsec/rustsec/issues/1249#issuecomment-2423257490

Type of Change

• [ ] Bug fix (non-breaking change which fixes an issue)
• [ ] New feature/Enhancement (non-breaking change which adds functionality or enhances an existing one)
• [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
• [ ] Documentation update
• [ ] Refactor
• [ ] New or updated tests

Checklist

• [ ] I have performed a self-review of my code.
• [ ] I have commented my code where necessary.
• [ ] I have updated the documentation if needed.
• [ ] My changes do not introduce new warnings.
• [ ] I have added tests that prove my changes are effective or that my feature works.
• [ ] New and existing tests pass with my changes.

Related Issues

[storopoli]

I've followed the issue so that when it's solved we can revert this. Thanks @sapinb :)