KILTprotocol · ntn-x2 · Sep 20, 2024 · Sep 18, 2024 · Sep 18, 2024 · Sep 18, 2024
diff --git a/.cargo-deny.toml b/.cargo-deny.toml
@@ -0,0 +1,53 @@
+# Config file reference can be found at https://embarkstudios.github.io/cargo-deny/checks/cfg.html.
+
+[graph]
+all-features        = false
+exclude-dev         = true
+features            = ["std"]
+no-default-features = true
+
+[advisories]
+ignore = [
+  { id = "RUSTSEC-2020-0168", reason = "`mach` is unmaintained but a Substrate dependency. Re-verify upon next polkadot-sdk updates." },
+  { id = "RUSTSEC-2021-0139", reason = "`ansi_term` is unmaintained but a Substrate dependency. Re-verify upon next polkadot-sdk updates." },
+  { id = "RUSTSEC-2022-0061", reason = "`parity-wasm` is unmaintained but a Substrate dependency. Re-verify upon next polkadot-sdk updates." },
+  { id = "RUSTSEC-2022-0080", reason = "`parity-util-mem` is unmaintained but a Substrate dependency. Re-verify upon next polkadot-sdk updates." },
+  { id = "RUSTSEC-2024-0336", reason = "`rustls` vulnerability. Re-verify upon next polkadot-sdk updates." },
+  { id = "RUSTSEC-2024-0344", reason = "`curve25519-dalek` vulnerability. Re-verify upon next polkadot-sdk updates." },
+  { id = "RUSTSEC-2024-0370", reason = "`proc-macro-error` is unmaintained but a Substrate dependency. Re-verify upon next polkadot-sdk updates." },
+]
+yanked = "deny"
+
+[bans]
+allow-wildcard-paths = true
+multiple-versions    = "allow"
+
+[licenses]
+allow = [
+  "Apache-2.0 WITH LLVM-exception",
+  "Apache-2.0",
+  "BSD-2-Clause",
+  "BSD-3-Clause",
+  "CC0-1.0",
+  "GPL-3.0 WITH Classpath-exception-2.0",
+  "GPL-3.0",
+  "ISC",
+  "MIT",
+  "MPL-2.0",
+  "OpenSSL",
+  "SSPL-1.0",
+  "Unicode-DFS-2016",
+  "Zlib",
+]
+private = { ignore = false }
+unused-allowed-license = "deny"
+
+[[licenses.clarify]]
+expression    = "MIT AND ISC AND OpenSSL"
+license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]
+name          = "ring"
+
+[sources]
+allow-git        = ["https://github.com/paritytech/polkadot-sdk"]
+unknown-git      = "deny"
+unknown-registry = "deny"
diff --git a/.github/workflows/check-code.yml b/.github/workflows/check-code.yml
@@ -110,6 +110,23 @@ jobs:
       - name: Run `taplo`
         run: taplo fmt --check
 
+  cargo-deny:
+    name: Check cargo-deny rules
+    runs-on: ubuntu-latest
+    needs: get-commit-head
+    if: ${{ !contains(needs.get-commit-head.outputs.headCommitMsg, 'ci-skip-rust') }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Run `cargo deny`
+        uses: EmbarkStudios/cargo-deny-action@v2
+        with:
+          # All is set in the config file
+          arguments:
+          command-arguments: "--hide-inclusion-graph -c .cargo-deny.toml --show-stats -D warnings"
+
   integration-tests:
     name: Run Chopsticks tests
     runs-on: ubuntu-latest

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/LICENSE b/LICENSE
@@ -176,4 +176,4 @@ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY C
 
 If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
 
-END OF TERMS AND CONDITIONS
+END OF TERMS AND CONDITIONS