Use cargo-deny for auditing

Author: djc

.github/workflows/audit.yml

@@ -1,4 +1,4 @@
-name: Security audit
+name: cargo deny
 permissions:
   contents: read
 on:
@@ -14,9 +14,7 @@ jobs:
   audit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           persist-credentials: false
-      - uses: actions-rs/audit-check@v1
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: EmbarkStudios/cargo-deny-action@v1

deny.toml

@@ -0,0 +1,15 @@
+[advisories]
+unsound = "deny"
+yanked = "deny"
+unmaintained = "deny"
+
+[licenses]
+allow-osi-fsf-free = "either"
+copyleft = "warn"
+allow = ["MPL-2.0"]
+exceptions = [{ allow = ["ISC", "MIT", "OpenSSL"], name = "ring" }]
+
+[[licenses.clarify]]
+name = "ring"
+expression = "ISC AND MIT AND OpenSSL"
+license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]