ci: Add dependency-policy CI job and deny config

[ReenigneArcher]

Description

Introduce a new CI job (dependency_policy) that installs cargo-run-bin (version parsed from cargo metadata) and runs cargo-deny check licenses to enforce license policy; action steps are pinned to specific commits. Add deny.toml containing an allow-list of compatible licenses (including GPL-3.0-only) and a rule to ignore private licenses. Update Cargo.toml to set license = "GPL-3.0-only" and register cargo-deny in workspace.metadata.bin. Also update .gitignore to ignore .bin (used by cargo-run-bin).

Screenshot

Issues Fixed or Closed

Roadmap Issues

• rust: use cargo-deny roadmap#75

Type of Change

• feat: New feature (non-breaking change which adds functionality)
• fix: Bug fix (non-breaking change which fixes an issue)
• docs: Documentation only changes
• style: Changes that do not affect the meaning of the code (white-space, formatting, missing semicolons, etc.)
• refactor: Code change that neither fixes a bug nor adds a feature
• perf: Code change that improves performance
• test: Adding missing tests or correcting existing tests
• build: Changes that affect the build system or external dependencies
• ci: Changes to CI configuration files and scripts
• chore: Other changes that don't modify src or test files
• revert: Reverts a previous commit
• BREAKING CHANGE: Introduces a breaking change (can be combined with any type above)

Checklist

• Code follows the style guidelines of this project
• Code has been self-reviewed
• Code has been commented, particularly in hard-to-understand areas
• Code docstring/documentation-blocks for new or existing methods/components have been added or updated
• Unit tests have been added or updated for any new or modified functionality

AI Usage

• None: No AI tools were used in creating this PR
• Light: AI provided minor assistance (formatting, simple suggestions)
• Moderate: AI helped with code generation or debugging specific parts
• Heavy: AI generated most or all of the code changes

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 42.54%. Comparing base (8b23796) to head (d8f20a0).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #134   +/-   ##
=======================================
  Coverage   42.54%   42.54%           
=======================================
  Files          55       55           
  Lines        1368     1368           
=======================================
  Hits          582      582           
  Misses        786      786           

---

Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8b23796...d8f20a0. Read the comment docs.