feat(repopo): Add Rust security and audit policies

## Summary

Add policies for security best practices in Rust projects.

## Proposed Policies

### DenyAuditConfigured
Require `deny.toml` for cargo-deny security auditing:
```typescript
makePolicy(DenyAuditConfigured, {
  requiredSections: ["advisories", "licenses", "bans"],
  advisories: {
    vulnerability: "deny",
    unmaintained: "warn",
  },
})
```

### NoWildcardDependencies
Prevent overly permissive version specs:
```typescript
makePolicy(NoWildcardDependencies, {
  deny: ["*"],           // Never allow wildcard
  warn: [">="],          // Warn on unbounded ranges
  allowDev: true,        // More lenient for dev-dependencies
})
```

### NoUnsafeWithoutJustification
Scan for `unsafe` blocks without safety documentation:
```typescript
makePolicy(NoUnsafeWithoutJustification, {
  requireComment: "// SAFETY:",
  excludePaths: ["src/ffi/"],  // Allow in FFI modules
})
```

This is a code-scanning policy that would need to parse Rust source files.

## Use Case

Ensuring Rust projects follow security best practices for dependency management and unsafe code documentation.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(repopo): Add Rust security and audit policies #614

Summary

Proposed Policies

DenyAuditConfigured

NoWildcardDependencies

NoUnsafeWithoutJustification

Use Case

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

feat(repopo): Add Rust security and audit policies #614

Description

Summary

Proposed Policies

DenyAuditConfigured

NoWildcardDependencies

NoUnsafeWithoutJustification

Use Case

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions