Update: Fully update all transitive dependencies via `cargo update --recursive`

[dbast]

This is maybe a controversial PR, but I found this while working on https://github.com/eza-community/eza/pull/1226

Dependabot seems to only take care of package versions in Cargo.toml and then only updates related transitive packages in Cargo.lock if the pinning constrains of the updated package changes. BUT dependabot never looks at all the transitive dependencies listed in the Cargo.lock and updating all of them to the newest version within the constrains.

Thus this PR fully updates all transitive dependencies (which is a lot) via running cargo update --recursive and committing that. Reveals lots of outdated versions.

Any better approach to do that? (A github workflow doing that and creating a PR every week could be one option... didn't find a way to convince dependabot to fully take care of transitive dependencies).

[dbast]

produces the error:

 error: package `clap v4.5.21` cannot be built because it requires rustc 1.74 or newer, while the currently active rustc version is 1.70.0
  Either upgrade to rustc 1.74 or newer, or use
  cargo update -p clap@4.5.21 --precise ver

[dbast]

One package has to be kept at an older version due to rustc 1.70.0 compatibility. Done via second commit containing the result of cargo update -p clap@4.5.21 --precise 4.4.18

[dbast]

Ready for review :)

[dbast]

Updating url only to 2.5.0 (instead of 2.5.3) massively reduces the overall PR diff from +477 -280 lines to +213 -256 by not introducing that many new transitive dependencies... full update then to be done via further PRs. Maybe that makes this more acceptable.

[dbast]

The tests are passing with rust 1.70.0 by keeping clap at an older version. Anything else to be done for this PR?