Dependabot alert - heapless

https://github.com/tock/libtock-rs/security/dependabot/1

This is used in ufmt/utils/cargo.toml

It looks like the upstream ufmt updated to heapless 0.7.16, although that could require additional changes. https://github.com/japaric/ufmt/blob/main/utils/Cargo.toml Probably the best thing to do would be to update our vendored ufmt entirely based on the original.