ci: move deny to test (#9524)

Author: DaniPopes

.github/workflows/deny.yml

@@ -110,6 +110,13 @@ jobs:
           cache-on-failure: true
       - run: cargo hack check
 
+  deny:
+    uses: ithacaxyz/ci/.github/workflows/deny.yml@main
+    with:
+      # Clear out arguments to not pass `--all-features` to `cargo deny`.
+      # Many crates have an `openssl` feature which enables banned dependencies.
+      deny-flags: ""
+
   ci-success:
     runs-on: ubuntu-latest
     if: always()
@@ -122,6 +129,7 @@ jobs:
       - rustfmt
       - forge-fmt
       - crate-checks
+      - deny
     timeout-minutes: 30
     steps:
       - name: Decide whether the needed jobs succeeded or failed