cargo-deny is a Cargo subcommand for Rust projects that helps audit and enforce dependency policy.
It scans a project's dependency graph for known security advisories, flags banned or duplicated crates, verifies that every crate's license matches the policy you define, and ensures that dependencies come only from approved registries and git sources. It is useful for developers who want tighter control over their software supply chain, license compliance, and dependency hygiene, whether run locally, in CI pipelines, or from pre-commit hooks.
This is free and open source software.
Key Features
- Checks every dependency against the RustSec advisory database for known vulnerabilities, and can also reject yanked crate versions.
- Lets you allow or deny specific crates, and detects when several versions of the same crate end up in the dependency graph.
- Verifies that dependency licenses comply with policies you define.
- Restricts dependencies to trusted registries, git sources, or other approved origins.
- Integrates with CI workflows, including GitHub Actions and pre-commit hooks.
- Supports project initialization with a configuration file for repeatable policy checks.
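The four checks above are driven by a single `deny.toml` in the project root, which `cargo deny init` creates with commented defaults. The configuration below is an added example written for this page, not the project's own template; it assumes cargo-deny 0.15 or later (the `crate = ...` form in the `bans.deny` table replaced an older `name = ...` form), and the banned crate and allowed licenses are illustrative choices, not recommendations from the project.

```toml
# deny.toml: one section per check, so each of the four checks can be
# tightened independently. Every value here is an illustrative policy.

[advisories]
# Pull the RustSec database and fail on any matching advisory.
db-urls = ["https://github.com/rustsec/advisory-db"]
# Treat versions that were yanked from the registry as a failure, not a warning.
yanked = "deny"
# Advisory IDs to suppress would go here; keep this empty unless each entry
# has a documented justification.
ignore = []

[licenses]
# Only these SPDX identifiers are acceptable; anything else (including an
# unrecognised or missing license) fails the check.
allow = ["MIT", "Apache-2.0", "BSD-3-Clause", "ISC"]
# How sure cargo-deny must be when it infers a license from a LICENSE file
# rather than from Cargo.toml metadata (0.0 to 1.0).
confidence-threshold = 0.9

[bans]
# Several versions of one crate usually means a stale transitive dependency;
# fail the build rather than silently compiling both.
multiple-versions = "deny"
# Reject version requirements of "*" so every dependency is pinned to a range.
wildcards = "deny"
# Crates that must not appear anywhere in the graph (hypothetical policy
# choice: prefer a pure-Rust TLS stack over linking system OpenSSL).
deny = [
    { crate = "openssl", reason = "Use rustls instead of linking system OpenSSL" },
]
# Crates that are allowed to be duplicated, typically during a migration.
skip = []

[sources]
# Any registry or git host not listed below is rejected outright.
unknown-registry = "deny"
unknown-git = "deny"
# crates.io only; add an internal mirror here if you run one.
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
# No git dependencies allowed unless a URL is listed here.
allow-git = []
```

With this file in place, `cargo deny check` runs all four checks and exits non-zero on the first failure, which is what makes it usable as a CI gate; a single check can be run in isolation with `cargo deny check advisories`, `licenses`, `bans`, or `sources`. The same repository publishes a `cargo-deny-action` for GitHub Actions that runs `cargo deny check` against a checked-out project.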
Website: github.com/EmbarkStudios/cargo-deny
Developer: Embark Studios
License: Apache License 2.0 / MIT License
cargo-deny is written in Rust. Learn Rust with our recommended free books and free tutorials.