chore: add cargo-deny action (#107)

ThirdEyeSqueegee · web-flow · commit 4e08f071450b · 2025-06-26T14:44:03.000-07:00
*Issue #, if available:*

*Description of changes:*
- Add `cargo-deny` action for license vetting

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -39,6 +39,10 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version: "stable"
+      - name: Check licenses
+        run: |
+          cargo install cargo-deny
+          cargo-deny check licenses
       - name: Build
         run: cargo build --verbose
       - name: Run tests
diff --git a/deny.toml b/deny.toml
@@ -0,0 +1,5 @@
+[licenses]
+# List of explicitly allowed licenses
+# See https://spdx.org/licenses/ for list of possible licenses
+# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
+allow = ["MIT", "Apache-2.0", "Unicode-3.0", "ISC", "BSD-3-Clause", "OpenSSL"]
