That's solid. cargo fix is genuinely underrated because people treat it like a nuclear option when it's really just... a tool that works.
One thing we do differently: run it in CI, commit the changes back to the branch, then human review. Keeps the diff reviewable and catches edge cases where the fix isn't quite right. We've hit a few where the suggestion was technically correct but not what we wanted semantically.
Also worth running cargo audit in the same pass. Turns the whole thing into a "dependency hygiene" job instead of scattered manual fixes.