chore(ci): add cargo-deny to the CI for supply-chain protection.

2025-12-30 06:32:05 -08:00 · 2025-01-27 11:53:38 +01:00
parent 3effcb313e
commit 03cc609a1e
2 changed files with 141 additions and 0 deletions
--- a/.github/workflows/supply-chain.yml
+++ b/.github/workflows/supply-chain.yml
@@ -0,0 +1,17 @@
+name: Supply-Chain
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  cargo-deny:
+    name: Deny dependencies with vulnerabilities or incompatible licenses
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: EmbarkStudios/cargo-deny-action@v2