chore: Bump ptree to update config dependency

[joonas]

Bumping ptree to 0.5.0 in order to pull in config 0.14.0, which addresses some outstanding security issues:

Before:

Scanned old.spdx.json as SPDX SBOM and found 490 packages
╭─────────────────────────────────────┬──────┬───────────┬──────────────┬─────────┬───────────────────╮
│ OSV URL                             │ CVSS │ ECOSYSTEM │ PACKAGE      │ VERSION │ SOURCE            │
├─────────────────────────────────────┼──────┼───────────┼──────────────┼─────────┼───────────────────┤
│ https://osv.dev/RUSTSEC-2021-0139   │      │ crates.io │ ansi_term    │ 0.12.1  │ all-old.spdx.json │
│ https://osv.dev/RUSTSEC-2021-0145   │      │ crates.io │ atty         │ 0.2.14  │ all-old.spdx.json │
│ https://osv.dev/GHSA-g98v-hv3f-hcfr │      │           │              │         │                   │
│ https://osv.dev/RUSTSEC-2024-0375   │      │ crates.io │ atty         │ 0.2.14  │ all-old.spdx.json │
│ https://osv.dev/GHSA-wq9x-qwcq-mmgf │ 8.9  │ crates.io │ diesel       │ 2.1.6   │ all-old.spdx.json │
│ https://osv.dev/RUSTSEC-2024-0365   │      │ crates.io │ diesel       │ 2.1.6   │ all-old.spdx.json │
│ https://osv.dev/GHSA-2326-pfpj-vx3h │      │ crates.io │ lexical-core │ 0.7.6   │ all-old.spdx.json │
│ https://osv.dev/RUSTSEC-2023-0086   │      │ crates.io │ lexical-core │ 0.7.6   │ all-old.spdx.json │
│ https://osv.dev/RUSTSEC-2024-0373   │ 8.7  │ crates.io │ quinn-proto  │ 0.11.6  │ all-old.spdx.json │
│ https://osv.dev/GHSA-vr26-jcq5-fjj8 │      │           │              │         │                   │
│ https://osv.dev/RUSTSEC-2024-0320   │      │ crates.io │ yaml-rust    │ 0.4.5   │ all-old.spdx.json │
╰─────────────────────────────────────┴──────┴───────────┴──────────────┴─────────┴───────────────────╯

After:

Scanned new.spdx.json as SPDX SBOM and found 499 packages
╭─────────────────────────────────────┬──────┬───────────┬─────────────┬─────────┬───────────────╮
│ OSV URL                             │ CVSS │ ECOSYSTEM │ PACKAGE     │ VERSION │ SOURCE        │
├─────────────────────────────────────┼──────┼───────────┼─────────────┼─────────┼───────────────┤
│ https://osv.dev/RUSTSEC-2021-0139   │      │ crates.io │ ansi_term   │ 0.12.1  │ all.spdx.json │
│ https://osv.dev/RUSTSEC-2021-0145   │      │ crates.io │ atty        │ 0.2.14  │ all.spdx.json │
│ https://osv.dev/GHSA-g98v-hv3f-hcfr │      │           │             │         │               │
│ https://osv.dev/RUSTSEC-2024-0375   │      │ crates.io │ atty        │ 0.2.14  │ all.spdx.json │
│ https://osv.dev/GHSA-wq9x-qwcq-mmgf │ 8.9  │ crates.io │ diesel      │ 2.1.6   │ all.spdx.json │
│ https://osv.dev/RUSTSEC-2024-0365   │      │ crates.io │ diesel      │ 2.1.6   │ all.spdx.json │
│ https://osv.dev/RUSTSEC-2024-0373   │ 8.7  │ crates.io │ quinn-proto │ 0.11.6  │ all.spdx.json │
│ https://osv.dev/GHSA-vr26-jcq5-fjj8 │      │           │             │         │               │
│ https://osv.dev/RUSTSEC-2024-0320   │      │ crates.io │ yaml-rust   │ 0.4.5   │ all.spdx.json │
╰─────────────────────────────────────┴──────┴───────────┴─────────────┴─────────┴───────────────╯

This also sets the stage to pull in a newer version of ptree to get rid of atty in case I can convince the author to merge changes for getting rid of it: https://gitlab.com/Noughmad/ptree/-/merge_requests/10