Most of the problems I put forward in this thread can be solved by git itself.
In this thread, I proposed changes to the way that cargo downloads crates from git [dependencies]. Git-hosted crates are identified in the dependency graph by—among other things—their repository URL and a commit hash. I wanted to de-couple the identifying URL from where the crate is actually downloaded. This "redirection" allows the use of local git mirrors instead of networked repositories.
Git can already do this.
In short:
git config --global url."file:///on/my/disk".insteadOf 'sftp://git@my-server/'
As far as cargo is concerned, the crate's URL remains sftp://git@my-server/whatever.git. Git replaces the URL internally during fetch operations, using prefix matching. Cargo remains unaware of this substitution, and it will continue to refer to the crate in Cargo.lock by its original URL. For further reading, see git-config and search for "insteadOf."
Given this, changes to cargo are likely not required in order to support my use-case. I hope this helps anyone using similar workflows.