Nuke git2 + openssl (#520)

This is a massive refactor that should be split up into multiple PRs,
but I am lazy, so that won't happen.

## `crates-index` -> `tame-index`

The `crates-index` crate had a problematic API that lead to duplicating
functionality present in the crate because it wasn't exposed publicly,
and was actually causing massive slowdowns when running cargo-deny in
eg. CI since `krates` was downloading the entire git index because of
how the default functionality in `crates-index` worked, thus I made
[`tame-index`](https://github.com/EmbarkStudios/tame-index) to better
suit the needs of this crate, as well as
[`cargo-fetcher`](https://github.com/EmbarkStudios/cargo-fetcher). Also,
it is now unfortunately
[unmaintained](frewsxcv/rust-crates-index#132).

This also means that scenarios such as #515 are _much_ easier to both
implement and support due to better testing since `tame-index` supports
[local
registry](https://doc.rust-lang.org/cargo/reference/source-replacement.html#local-registry-sources)
source replacement.

## `git2` -> `gix`

`tame-index` uses `gix` for its git implementation because
git2/openssl/openssh are...let's just say I'm not a fan. This PR now
replaces the usage of `git2`, for syncing advisory databases, with `gix`
removing (and adding) a lot of dependencies.

Resolves: #361
Resolves: #515
Resolves: #522
Resolves: #446 (I think this was already resolved in a previous version,
but the issue was still open)
Resolves: #435 (I have no idea if this is actually fixed, but I have no
repro, and we aren't using git2 any longer, so maybe?)
Resolves: #439 (I was never able to repro, but this is no longer
applicable as we never fetch a specific branch for a git remote for
either advisory databases nor git registry indices, but rather just use
the remote `FETCH_HEAD`)
Closes: #295 (This PR removes cargo support altogether, as it is
currently tied to openssl/curl/etc and not currently worth pursuing)

.github/workflows/ci.yaml

@@ -35,7 +35,7 @@ jobs:
     name: Test
     strategy:
       matrix:
-        os: [ubuntu-22.04, windows-2022]
+        os: [ubuntu-22.04]
     runs-on: ${{ matrix.os }}
     steps:
       # We need to disable conversion to CRLF line endings on windows because it's
@@ -99,7 +99,7 @@ jobs:
         # Also, build and run with musl, this lets us ensure that
         # musl still works, which is important for the linux binaries
         # we release, but wasn't exercised until now
-        run: cargo install --path . --debug --target ${{ matrix.target }} --features standalone
+        run: cargo install --path . --debug --target ${{ matrix.target }}
       - name: self check
         run: cargo deny -L debug --all-features --locked check
       - name: check external users
@@ -112,7 +112,7 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - env:
-          version: "0.4.28"
+          version: "0.4.32"
         run: |
           set -e
           curl -L https://github.com/rust-lang-nursery/mdBook/releases/download/v${version}/mdbook-v${version}-x86_64-unknown-linux-gnu.tar.gz | tar xzf -
@@ -134,19 +134,6 @@ jobs:
       - name: cargo publish
         run: cargo publish --dry-run
 
-  msrv-check:
-    name: Minimum Stable Rust Version Check
-    runs-on: ubuntu-22.04
-    steps:
-      - uses: actions/checkout@v3
-      - uses: dtolnay/rust-toolchain@stable
-        with:
-          toolchain: "1.65.0"
-      - uses: Swatinem/rust-cache@v2
-      - run: cargo fetch
-      - name: cargo check
-        run: cargo check --all-targets
-
   release:
     name: Release
     #needs: [test, self, doc-book]

.gitignore

@@ -1,5 +1,6 @@
 /target
 **/*.rs.bk
-/examples/06_advisories/target
+/examples/**/target
+/tests/test_data/**/target
 scripts/check
 *.snap.new

.gitmodules

@@ -1,3 +1,6 @@
 [submodule "tests/advisory-db/github.com-2f857891b7f43c59"]
-	path = tests/advisory-db/github.com-2f857891b7f43c59
+	path = tests/advisory-db/github.com-a946fc29ac602819
 	url = https://github.com/rustsec/advisory-db
+[submodule "tests/advisory-db/github.com-c373669cccc50ac0"]
+	path = tests/advisory-db/github.com-c373669cccc50ac0
+	url = https://github.com/EmbarkStudios/test-advisory-db