workflows: Come up with rolling `cargo update` strategy

Ideally it would be nice to have the nightly rolling workflow run `cargo update` and if the build doesn't break, post a PR. However, this can lead to a lot of new dependencies that need auditing. Instead find a strategy that selectively only updates some dependencies that we actually need the latest and greatest of (mainly git deps to other ODP repos and Embassy) to not overwhelm crate auditors. 