CICD.yml: Run cargo audit

This CI check will fail if there are crates with known security vulnerabilities in Cargo.lock.

It will not fail because of warnings. We currently have two warnings.

Note that cargo-audit is installed by default on GitHub's Ubuntu
runners.

.github/workflows/CICD.yml

@@ -131,6 +131,13 @@ jobs:
     - name: Show man page
       run: man $(find . -name bat.1)
 
+  cargo-audit:
+    name: cargo audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - run: cargo audit
+
   build:
     name: ${{ matrix.job.target }} (${{ matrix.job.os }})
     runs-on: ${{ matrix.job.os }}