cargo-deny for checking both licenses and advisories
cargo-deny would check both licenses and security advisories
cargo deny init to create deny.toml which then can be plugged in CI as well
Ideally cargo deny would run both in PR as well as periodically