Gate Rust dependency trees on license, advisory, and source-policy violations before merge with cargo-deny
Use cargo-deny when an agent needs to enforce Rust dependency policy before merge by checking advisories, licenses, bans, and source rules in one repeatable gate instead of doing ad hoc manifest review.
What it does
Gate Rust dependency trees on license, advisory, and source-policy violations before merge with cargo-deny
Use cargo-deny when an agent needs to enforce Rust dependency policy before merge by checking advisories, licenses, bans, and source rules in one repeatable gate instead of doing ad hoc manifest review.
Prerequisites
Rust toolchain, Cargo project, cargo-deny configuration file, and CI or local shell access.
Installation
Use the upstream install or setup path that matches your environment:
- cargo install --locked cargo-deny && cargo deny init && cargo deny check
- If you want to use cargo-deny without having cargo installed, build cargo-deny with the standalone feature. This can be useful in Docker Images.
- cargo install --locked cargo-deny
- cargo deny init
Basic usage or getting-started notes:
-
To run on CI as a GitHub Action, see cargo-deny-action.
-
<a href="https://repology.org/project/cargo-deny/versions"><img align="right" src="https://repology.org/badge/vertical-allrepos/cargo-deny.svg" alt="Packaging status"></a>
-
Install cargo-deny
-
Extracted from upstream docs: https://raw.githubusercontent.com/EmbarkStudios/cargo-deny/HEAD/README.md
Documentation
Source
Capabilities
Install
Quality
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,613 chars)