feat(ci): use cargo deny instead of cargo audit (#41)

.github/workflows/deny.yml

@@ -0,0 +1,16 @@
+# This workflow will run `cargo-deny`, checking for dependency issues related to licensing, known vulnerabilities, and more.
+# The configuration file is in [deny.toml](../../deny.toml).
+name: Cargo Deny
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+  merge_group:
+
+jobs:
+  cargo-deny:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: EmbarkStudios/cargo-deny-action@v2

.github/workflows/rust.yml

@@ -56,26 +56,6 @@ jobs:
       - name: Run clippy
         run: cargo clippy --all --all-targets   -- -D warnings
 
-  audit:
-    name: Audit
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Sources
-        uses: actions/checkout@v4
-      - name: Install Toolchain
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-      - name: Install Audit
-        run: cargo install cargo-audit
-      - name: Rust Cache
-        uses: Swatinem/rust-cache@v2.7.7
-      - name: Run Audit
-        uses: actions-rs/cargo@v1
-        with:
-          command: audit
-
   build:
     name: Build
     runs-on: ${{ matrix.os }}

deny.toml

@@ -0,0 +1,9 @@
+[advisories]
+ignore = []
+
+[licenses]
+allow = [
+  "Apache-2.0",
+  "MIT",
+  "Unicode-3.0"
+]