Run cargo deny in CI linting stage

2022-03-22 13:17:45 +01:00 · 2022-03-22 13:17:45 +01:00 · 593d55fa84
commit 593d55fa84
parent 2f6626ed5a
2 changed files with 38 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -37,6 +37,14 @@ cargo-fmt:
    - rustup component add rustfmt
    - cargo fmt -- --check

+cargo-deny:
+  stage: lint
+  image: rust:latest
+  before_script:
+    - cargo install --locked cargo-deny
+  script:
+    - cargo deny check
+
 cargo-clippy:
  stage: lint
  image: rust:latest
--- a/deny.toml
+++ b/deny.toml
@ -0,0 +1,30 @@
+# SPDX-FileCopyrightText: 2022 Heiko Schaefer <heiko@schaefer.name>
+# SPDX-License-Identifier: MIT OR Apache-2.0
+
+[advisories]
+db-path = "~/.cargo/advisory-db"
+db-urls = ["https://github.com/rustsec/advisory-db"]
+vulnerability = "deny"
+unmaintained = "warn"
+yanked = "warn"
+notice = "warn"
+ignore = [
+    # Ignore time issue for now as there is no solution
+    "RUSTSEC-2020-0159",
+    "RUSTSEC-2020-0071",
+]
+[licenses]
+unlicensed = "deny"
+allow = [
+    "MIT",
+    "Apache-2.0",
+    "BSD-3-Clause",
+    "BSD-2-Clause",
+    "ISC",
+    "BSL-1.0",
+    "CC0-1.0",
+]
+deny = [
+    "Nokia",
+]
+copyleft = "allow"