CI: ensure to pin the version of every binary dependency

[roblabla]

Currently, binary dependencies are automatically installed by cargo-make. This is fine for personal builds, but it comes with two issues for CI:

1. It will automatically install the newer version of binaries than the one specified
2. It won't use the lockfile, leading to using newer version of the binarie's dependencies

Both can cause reproducibility to suffer. Currently, xargo and cargo-make are built with a specified version and lockfile separately, but it's not the case for mkisofs-rs or cargo-travis. Ideally, it'd be nice to have a flag we can use to tell cargo-make to enforce the installation of the version specified, and using the lockfile. I filed https://github.com/sagiegurari/cargo-make/issues/381 on this topic.

[roblabla]

Cargo-make now has an env variable to do this: CARGO_MAKE_CRATE_INSTALLATION_LOCKED=true.