From 10ca0f51148b7c127235e7ec74c6b3e907e88abe Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 18 Mar 2026 23:28:00 +0900
Subject: [PATCH 1/2] Update cargo deny configuration

Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
 deny.toml | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/deny.toml b/deny.toml
index 55850ee..3af65bf 100644
--- a/deny.toml
+++ b/deny.toml
@@ -1,9 +1,24 @@
+[graph]
 targets = [
     { triple = "x86_64-unknown-linux-gnu" },
     { triple = "aarch64-unknown-linux-gnu" },
     { triple = "x86_64-unknown-linux-musl" },
 ]
 
+[advisories]
+db-path = "~/.cargo/advisory-db"
+db-urls = ["https://github.com/rustsec/advisory-db"]
+# we still use serde_cbor for packed CBOR format
+ignore = ["RUSTSEC-2021-0127"]
+
 [licenses]
-unlicensed = "deny"
-allow = ["GPL-3.0-or-later", "MIT", "ISC", "Unicode-DFS-2016", "BSD-2-Clause", "BSD-3-Clause"]
\ No newline at end of file
+allow = [
+    "Apache-2.0",
+    "GPL-3.0-or-later",
+    "MIT",
+    "ISC",
+    "Unicode-3.0",
+    "Unicode-DFS-2016",
+    "BSD-2-Clause",
+    "BSD-3-Clause"
+]

From 3694aec0d7cd00b32cb5dfba14061b079d064b9e Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 18 Mar 2026 23:29:06 +0900
Subject: [PATCH 2/2] ci: Enable cargo-deny-action

Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
 .github/workflows/rust.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index 273453e..5e8e436 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -18,6 +18,12 @@ jobs:
     - name: Check formatting
       run: cargo fmt --all -- --check
 
+  cargo-deny:
+      runs-on: ubuntu-latest
+      steps:
+        - uses: actions/checkout@v6
+        - uses: EmbarkStudios/cargo-deny-action@v2
+
   build:
     name: Fedora tests
     runs-on: ubuntu-latest