Adapt deny.toml to use git-fetch-with-cli.

It uses its own escape hatch to force use of the CLI, much in the same way that Cargo does. This is critical for Windows. Ref: EmbarkStudios/cargo-deny#420
apollographql · Jan 19, 2023 · e92a9a7 · e92a9a7
1 parent aae001e
commit e92a9a7
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/deny.toml b/deny.toml
@@ -16,6 +16,13 @@ yanked = "warn"
 # 2019-12-17 there are no security notice advisories in
 # https://github.com/rustsec/advisory-db
 notice = "warn"
+
+# If this is true, then cargo deny will use the git executable to fetch advisory database.
+# If this is false, then it uses a built-in git library.
+# Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support.
+# See Git Authentication for more information about setting up git authentication.
+git-fetch-with-cli = true
+
 # A list of advisory IDs to ignore. Note that ignored advisories will still
 # output a note when they are encountered.