Git dependencies in Rust

[snow flurry <snow%datagirl.xyz@localhost>]

Hello,

I believe this has been talked about before, but I can't find the thread. 
Sorry if this is treading similar ground.

I'm trying to update security/vaultwarden from 1.32.5 to 1.32.7, which 
contains a security fix among other changes. Since 1.32.6 though, one of the 
dependency crates was patched to use a Git commit:

[patch.crates-io]
# Patch yubico to remove duplicate crates of older versions
yubico = { git = "https://github.com/BlackDex/yubico-rs";, rev = 
"00df14811f58155c0f02e3ab10f1570ed3e115c6" }

Is there a common path for handling these sorts of dependencies? print-cargo-
depends in lang/rust/cargo.mk doesn't currently handle this, and the build 
fails when trying to pull a non-existent file from crates.io.

The only workaround I can think of is adding the GitHub tarball for this 
commit as a distfile, and extracting it to ${WRKDIR}/vendor. I haven't tested 
whether cargo would be okay with this though, and it would at least require 
manually updating ${WRKDIR}/.cargo/config.toml after cargo-vendor-crates.