For when a `Cargo.lock`, is included, verify that it isn't stale

[epage]

This is a problem I regularly run into. The most common case is that I update my version and submit it and next time I run cargo, the lock file is changed, making me commit it later.

Ideally, when the Cargo.lock is used, we'd use the --locked flag to ensure it is correct.

[jonhoo]

I think we probably only need to do this in the very first stage (cargo check). Shouldn't be too hard to pull off with something like

[[ -e Cargo.lock ]] && cargo check --locked || cargo check