Add `cargo audit` or similar support to CI

This was used to find an outdated build library with a vulnerability in rust-rocksdb. Would like conduwuit to have this that runs on a schedule. Vaultwarden has something similar to this running on a schedule.

assigned to @girlbossceo

added ci/cd enhancement low-priority security labels

I have added Trivy with critical, high, medium, and low severity alerts on the repo and fs scan types (what's the difference?), and added cargo audit to engage just in case Trivy isn't reliable or useful.

closed