github: Run the tests with the latest dependencies

Always check if the tests run with the latest dependencies, to detect
breaking changes early.

The reason we need to run `cargo update` to do so is because we commit
Cargo.lock, since we are a both a library and binary crate [1]. By
committing Cargo.lock, our binaries are guaranteed to build reproducibly
and have the same behavior, but the tests will always run against the
pinned dependencies. This way, a breaking change in a dependency may go
unnoticed, even in a new environment. So, we need to run `cargo update`
to essentially ignore Cargo.lock.

Note that we do this solely for the tests, and nowhere else in the CI
pipeline. This means that Cargo.lock is still used to produce the
binaries, so that they match the binaries that `cargo build` from source
would produce.

[1]: https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html

Author: apyrgio

.github/workflows/CI.yaml

@@ -83,6 +83,13 @@ jobs:
           toolchain: ${{ matrix.rust }}
           override: true
 
+      # Catch any breaking changes in the dependencies early, by always updating
+      # them before running the tests.
+      - name: Update dependencies
+        uses: actions-rs/cargo@v1
+        with:
+          command: update
+
       - name: Test
         uses: actions-rs/cargo@v1
         with: