renovate: Fix cargo in-range updates being silently dropped

[cgwalters]

The global :preserveSemverRanges preset sets rangeStrategy: replace for all package managers. For cargo, this overrides its native default of update-lockfile, causing in-range patch bumps to produce empty updates: [] — Renovate detects no change needed and generates no PR.

Concretely, tar = "0.4.43" (which Cargo treats as ^0.4.43) will never be bumped in Cargo.lock when 0.4.44/0.4.45/0.4.46 release, because all of those satisfy the existing range and replace only acts when a version falls outside the range.

Restoring update-lockfile for the cargo manager makes Renovate update Cargo.lock for in-range releases (the same behaviour cargo's manager has by default) while still using replace for out-of-range updates.

Tested locally: dry-run with the broken config produced 4 flattened updates with tar absent; with the fix applied it produced 18 updates including tar 0.4.45 → 0.4.46 correctly assigned to the Rust group.

Closes: #198

Assisted-by: OpenCode (Claude Sonnet 4.6)

[gemini-code-assist]

Code Review

This pull request updates the Renovate shared configuration (renovate-shared-config.json) to restore the update-lockfile range strategy for the cargo manager. This overrides the global :preserveSemverRanges setting, ensuring that Renovate updates the Cargo.lock file for in-range dependency updates, mimicking Cargo's native default behavior. There are no review comments to address, and I have no additional feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.