Investigate dependency version ranges to maximise compatibility

[Xophmeister]

(Discussed with @Niols during the Topiary weekly.)

Is your feature request related to a problem? Please describe.
Currently, the dependencies used by Topiary are pinned to specific versions (or, at least, minor versions). Often, during development, those versions are bumped in the Cargo.lock. When distributing Topiary, to enable building on the widest range of targets as possible, it would make sense to allow a range of versions for each dependency.

(n.b.: Dependencies include the Rust toolchain.)

Describe the solution you'd like
The easiest thing to do, rather than investigating all combinations of dependency versions is to pick a point that is the "minimum" set of dependency versions for the range. Thereafter, the range could be extended into newer versions of each dependency.

A scheduled CI job could be created to check that the minimum and maximum sets still build correctly.

Additional context
Once a range is established, care should be taken when developing new PRs; especially those that introduce new dependencies or extend existing dependencies' ranges.

[torhovland]

It's an interesting challenge. The flip side is that you do want to stay on top of changes in dependencies, to keep the code base maintainable.

[Xophmeister]

Indeed; at some point those minimum versions may have to be bumped to unlock necessary features/bug fixes.

[torhovland]

Yes, but it's not just about necessary features and fixes. It's also about staying on top of breaking changes in new versions, so we don't get stuck in a technical debt hole with dependency versions that are no longer managed and can no longer be upgraded easily.