add cargo deny to CI (gitui-org#1285)

* check duplicate dependencies
* also use cargo-deny for licenses checking
* also run cargo deny check in make check

Author: extrawurst

.github/workflows/ci.yml

@@ -118,8 +118,8 @@ jobs:
       run: |
         make test-linux-musl
 
-  rustfmt:
-    name: Formatting
+  linting:
+    name: Lints
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@master
@@ -128,13 +128,26 @@ jobs:
       with:
         toolchain: stable
         components: rustfmt
+    
     - run: cargo fmt -- --check
 
     - name: cargo-sort
       run: |
         cargo install cargo-sort --force
         cargo sort -c -w
 
+    - name: cargo-deny install
+      run: |
+        cargo install --locked cargo-deny
+
+    - name: cargo-deny licenses
+      run: |
+        cargo deny check licenses
+
+    - name: cargo-deny bans
+      run: |
+        cargo deny check bans
+
   sec:
     name: Security audit
     runs-on: ubuntu-latest

Makefile

@@ -57,7 +57,10 @@ clippy:
 clippy-nightly:
 	cargo +nightly clippy --workspace --all-features
 
-check: fmt clippy test
+check: fmt clippy test deny
+
+deny:
+	cargo deny check
 
 install:
 	cargo install --path "." --offline

deny.toml

@@ -0,0 +1,20 @@
+[licenses]
+unlicensed = "deny"
+allow = [
+    "MIT",
+    "Apache-2.0",
+    "BSD-2-Clause",
+    "BSD-3-Clause"
+]
+copyleft = "warn"
+allow-osi-fsf-free = "neither"
+default = "deny"
+confidence-threshold = 0.9
+
+[[licenses.exceptions]]
+allow = ["Unicode-DFS-2016"]
+name = "unicode-ident"
+version = "1.0.3"
+
+[bans]
+multiple-versions = "deny"