GitHub Action for running cargo-deny to help manage Cargo crate dependencies and validate licenses.
Create a deny.toml file in the root of the repo to use as rules for the action (example).
See cargo-deny for instructions and details of the format and capabilities.
This action will run cargo-deny check and report failure if any banned crates or disallowed open source licenses are found used in the crate or its dependencies.
The action has three optional inputs
rust-version: The rust/cargo version to use, updated before cargo-deny is run. Defaults to the version in the image, which is currently 1.71.0.log-level: The log level to use forcargo-deny, default iswarncommand: The command to use forcargo-deny, default ischeckarguments: The argument to pass tocargo-deny, default is--all-features. See Common Options for a list of the available options.manifest-path: The path to a Cargo.toml file to use as the root. Defaults to./Cargo.toml. Note this argument is always passed, so you can't have it inargumentsas well, just set it it to the value you had inargumentsif you were using it there.command-argumentsThe argument to pass to the command, default is emtpy. See options for each command.credentialsThis argument stores the credentials in the file$HOME/git-credentials, and configures git to use it. The credential must match the formathttps://user:pass@github.com
name: CI
on: [push, pull_request]
jobs:
cargo-deny:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1name: CI
on: [push, pull_request]
jobs:
cargo-deny:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1
with:
log-level: warn
manifest-path: ./Cargo.toml
command: check
arguments: --all-features
command-arguments: ""
credentials: https://${{ secrets.GITHUB_USER }}:${{ secrets.GITHUB_PAT }}@github.comname: CI
on: [push, pull_request]
jobs:
cargo-deny:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1
with:
rust-version: "1.60.0"
log-level: warn
command: check
arguments: --all-featuresIf you use this pipeline, you should have Cargo.lock files checked into your
repository.
name: CI
on:
pull_request:
paths:
- '**/Cargo.lock'
- '**/Cargo.toml'
jobs:
cargo-deny:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check bans licenses sourcesname: CI
on: [push, pull_request]
jobs:
cargo-deny:
runs-on: ubuntu-22.04
strategy:
matrix:
checks:
- advisories
- bans licenses sources
# Prevent sudden announcement of a new advisory from failing ci:
continue-on-error: ${{ matrix.checks == 'advisories' }}
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check ${{ matrix.checks }}Repositories using this action (PR to add your repo):
- ash-molten
- asn1rs
- cargo-about
- cargo-fetcher
- gitoxide
- glam-rs
- linkerd2-proxy
- OctaSine
- PackSquash
- physx-rs
- smush
- tame-gcs
- tame-oauth
- texture-synthesis
- tonic
- β‘οΈdotenv-linter
- wasm-oidc-plugin
We welcome community contributions to this project.
Please read our Contributor Guide for more information on how to get started.
Licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.