Figure out how to lock specific dependency versions for cargo-zaplib

[disambiguator]

Currently cargo zaplib installs any matching dependencies on its Cargo.toml. Since transitive dependencies aren't pinned to specific versions, this can lead to non-deterministic builds as dependencies publish minor version updates.

Figure out how to lock down all dependencies to a specific version per build, presumably by providing some sort of Cargo.lock.