Vendoring of crates.io rust dependencies

[abbec]

Use Cargo.lock as an input to create a series of fixed output derivations (using fetchurl against crates.io (https://crates.io/api/v1/crates/${name}/${version}/download) (the hash is in Cargo.lock) followed by a derivation to create a vendor directory (and generate that Cargo checksum file) from these. This will avoid having to set any extra hash information on the components since all info is in Cargo.lock and will enable us to use sandboxing.

Use this vendoring technique in checks and builds, not shells.