ci: drop cargo-audit, use cargo deny, add config, working checks

.github/workflows/security-audit.yml

@@ -11,17 +11,11 @@ jobs:
     steps:
       - uses: actions/checkout@v5
 
-      - name: Install cargo-audit
-        uses: taiki-e/install-action@cargo-audit
-
-      - name: Run cargo audit
-        run: cargo audit --file src-tauri/Cargo.lock
-
       - name: Install cargo-deny
         uses: taiki-e/install-action@cargo-deny
 
       - name: Run cargo deny
-        run: cargo deny --manifest-path src-tauri/Cargo.toml check
+        run: cargo deny --manifest-path src-tauri/Cargo.toml check sources advisories bans --show-stats
 
   npm-audit:
     name: NPM Security Audit

src-tauri/deny.toml

@@ -0,0 +1,39 @@
+[graph]
+targets = [
+	"x86_64-unknown-linux-gnu",
+	"x86_64-pc-windows-msvc",
+	"aarch64-apple-darwin",
+	"x86_64-apple-darwin",
+]
+all-features = true
+no-default-features = false
+
+[output]
+feature-depth = 1
+
+[advisories]
+ignore = [
+    "RUSTSEC-2024-0429",
+]
+unmaintained = "workspace"
+
+[licenses]
+allow = []
+confidence-threshold = 0.8
+exceptions = []
+
+[licenses.private]
+ignore = false
+registries = []
+
+[bans]
+multiple-versions = "allow"
+wildcards = "allow"
+highlight = "all"
+workspace-default-features = "allow"
+external-default-features = "allow"
+allow = []
+
+[sources]
+unknown-registry = "warn"
+unknown-git = "warn"