From 8ae928c5f9719664a2e40f8f6c904eab06db122b Mon Sep 17 00:00:00 2001
From: iamjpotts <8704475+iamjpotts@users.noreply.github.com>
Date: Mon, 21 Aug 2023 15:41:30 -0500
Subject: [PATCH] Add cargo deny config and add cargo deny job to ci (#254)
* Add cargo deny config and add cargo deny job to ci
* Run CI on pull requests
---
.github/workflows/ci.yml | 14 ++++++++++++++
deny.toml | 40 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 54 insertions(+)
create mode 100644 deny.toml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 828f868d5..31deb938d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -3,9 +3,23 @@ on: branches: - master pull_request: + branches: + - master name: CI jobs: + deny: + name: Cargo deny + strategy: + matrix: + os: + - ubuntu-latest + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v3 + - uses: EmbarkStudios/cargo-deny-action@v1 + timeout-minutes: 10 + build_and_test: name: OS Test strategy:
diff --git a/deny.toml b/deny.toml
new file mode 100644
index 000000000..ce0ef1cc0
--- /dev/null
+++ b/deny.toml
@@ -0,0 +1,40 @@
+
+[advisories]
+notice = "deny"
+unmaintained = "deny"
+vulnerability = "deny"
+yanked = "deny"
+ignore = []
+
+[licenses]
+allow = [
+ "Apache-2.0",
+ "MIT",
+]
+default = "deny"
+confidence-threshold = 1.0
+unlicensed = "deny"
+
+[bans]
+allow = []
+deny = []
+multiple-versions = "deny"
+skip = [
+ # Transitive dependency of both redox_syscall and rustix (rustix has newer).
+ #
+ # Only one version of bitflags ultimately gets compiled in due to OS-based feature flags in tempfile.
+ { name = "bitflags" },
+]
+skip-tree = []
+wildcards = "deny"
+
+[sources]
+allow-git = []
+allow-registry = ["https://github.com/rust-lang/crates.io-index"]
+unknown-git = "deny"
+unknown-registry = "deny"
+
+[sources.allow-org]
+github = []
+gitlab = []
+bitbucket = []
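Review bot: The two `uses:` steps in the new `deny` job reference actions by mutable tag (`actions/checkout@v3`, `EmbarkStudios/cargo-deny-action@v1`), so the code that enforces the dependency policy can change without any commit in this repository. Pinning the third-party action to a full commit SHA, e.g. `- uses: EmbarkStudios/cargo-deny-action@<full-commit-sha> # v1` (placeholder), keeps the check reproducible and also fixes the cargo-deny version that parses `deny.toml`. The job declares no `permissions:` either; unless the workflow sets one outside this hunk, adding `permissions:` with `contents: read` under `deny:` limits the token handed to that action. The single-entry `os` matrix could be replaced by a plain `runs-on: ubuntu-latest`.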
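Review bot: The `skip` entry `{ name = "bitflags" }` under `[bans]` carries no version, so it exempts every duplicate of bitflags from `multiple-versions = "deny"`, including duplicates that a later dependency update introduces. Constraining it to the older release the comment describes, `{ name = "bitflags", version = "=<older-version>" }` (placeholder; take the value from Cargo.lock), makes the exemption lapse once redox_syscall moves to the newer line. Separately, `vulnerability`, `unmaintained`, `notice` and `yanked` are all `"deny"` in a job that runs on every pull request, so a newly published advisory will fail unrelated PRs. A comment above `ignore = []` stating that each entry must carry the advisory ID and a reason would document the intended way to handle that.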