cargo-deny is a cargo plugin that lets you lint your project's dependency graph to ensure all your dependencies conform to your expectations and requirements.
Installs cargo-deny, initializes your project with a default configuration, then runs all of the checks against your project.
cargo install --locked cargo-deny && cargo deny init && cargo deny check
cargo-deny is intended to be used as a Command Line Tool, see the link for the available commands and options.
cargo-deny supports several classes of checks, see Checks for the available checks and their configuration options.
cargo-deny is primarily meant to be used as a cargo plugin, but a majority of its functionality is within a library whose docs you may view on docs.rs
For GitHub projects, one can run cargo-deny automatically as part of continuous integration using a GitHub Action:
name: CI on: [push, pull_request] jobs: cargo-deny: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - uses: EmbarkStudios/cargo-deny-action@v1
For more information, see