See the book 📕 for in-depth documentation.

To run on CI as a GitHub Action, see cargo-deny-action.

Please Note: This is a tool that we use (and like!) and it makes sense to us to release it as open source. However, we can’t take any responsibility for your use of the tool, if it will function correctly or fulfil your needs. No functionality in - or information provided by - cargo-deny constitutes legal advice.

Quickstart

bash cargo install --locked cargo-deny && cargo deny init && cargo deny check

Usage

Install cargo-deny

If you want to use cargo-deny without having cargo installed, build cargo-deny with the standalone feature. This can be useful in Docker Images.

```bash cargo install --locked cargo-deny

Or, if you're an Arch user

pacman -S cargo-deny ```

Initialize your project

bash cargo deny init

Check your crates

bash cargo deny check

Licenses

The licenses check is used to verify that every crate you use has license terms you find acceptable.

bash cargo deny check licenses

Bans

The bans check is used to deny (or allow) specific crates, as well as detect and handle multiple versions of the same crate.

bash cargo deny check bans

Advisories

The advisories check is used to detect issues for crates by looking in an advisory database.

bash cargo deny check advisories

Sources

The sources check ensures crates only come from sources you trust.

bash cargo deny check sources

Contributing

We welcome community contributions to this project.

Please read our Contributor Guide for more information on how to get started.

License

Licensed under either of

• Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
• MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.