You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

243 lines
11 KiB

3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
3 years ago
3 years ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
9 months ago
3 years ago
3 years ago
9 months ago
3 years ago
  1. # This template contains all of the possible sections and their default values
  2. # Note that all fields that take a lint level have these possible values:
  3. # * deny - An error will be produced and the check will fail
  4. # * warn - A warning will be produced, but the check will not fail
  5. # * allow - No warning or error will be produced, though in some cases a note
  6. # will be
  7. # The values provided in this template are the default values that will be used
  8. # when any section or field is not specified in your own configuration
  9. # Root options
  10. # The graph table configures how the dependency graph is constructed and thus
  11. # which crates the checks are performed against
  12. [graph]
  13. # If 1 or more target triples (and optionally, target_features) are specified,
  14. # only the specified targets will be checked when running `cargo deny check`.
  15. # This means, if a particular package is only ever used as a target specific
  16. # dependency, such as, for example, the `nix` crate only being used via the
  17. # `target_family = "unix"` configuration, that only having windows targets in
  18. # this list would mean the nix crate, as well as any of its exclusive
  19. # dependencies not shared by any other crates, would be ignored, as the target
  20. # list here is effectively saying which targets you are building for.
  21. targets = [
  22. # The triple can be any string, but only the target triples built in to
  23. # rustc (as of 1.40) can be checked against actual config expressions
  24. #"x86_64-unknown-linux-musl",
  25. # You can also specify which target_features you promise are enabled for a
  26. # particular target. target_features are currently not validated against
  27. # the actual valid features supported by the target architecture.
  28. #{ triple = "wasm32-unknown-unknown", features = ["atomics"] },
  29. "x86_64-unknown-linux-gnu",
  30. "aarch64-unknown-linux-gnu",
  31. "x86_64-unknown-linux-musl",
  32. "x86_64-unknown-freebsd",
  33. "aarch64-apple-darwin",
  34. "x86_64-apple-darwin",
  35. ]
  36. # When creating the dependency graph used as the source of truth when checks are
  37. # executed, this field can be used to prune crates from the graph, removing them
  38. # from the view of cargo-deny. This is an extremely heavy hammer, as if a crate
  39. # is pruned from the graph, all of its dependencies will also be pruned unless
  40. # they are connected to another crate in the graph that hasn't been pruned,
  41. # so it should be used with care. The identifiers are [Package ID Specifications]
  42. # (https://doc.rust-lang.org/cargo/reference/pkgid-spec.html)
  43. #exclude = []
  44. # If true, metadata will be collected with `--all-features`. Note that this can't
  45. # be toggled off if true, if you want to conditionally enable `--all-features` it
  46. # is recommended to pass `--all-features` on the cmd line instead
  47. all-features = true
  48. # If true, metadata will be collected with `--no-default-features`. The same
  49. # caveat with `all-features` applies
  50. no-default-features = false
  51. # If set, these feature will be enabled when collecting metadata. If `--features`
  52. # is specified on the cmd line they will take precedence over this option.
  53. #features = []
  54. # The output table provides options for how/if diagnostics are outputted
  55. [output]
  56. # When outputting inclusion graphs in diagnostics that include features, this
  57. # option can be used to specify the depth at which feature edges will be added.
  58. # This option is included since the graphs can be quite large and the addition
  59. # of features from the crate(s) to all of the graph roots can be far too verbose.
  60. # This option can be overridden via `--feature-depth` on the cmd line
  61. feature-depth = 1
  62. # This section is considered when running `cargo deny check advisories`
  63. # More documentation for the advisories section can be found here:
  64. # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
  65. [advisories]
  66. # The path where the advisory databases are cloned/fetched into
  67. #db-path = "$CARGO_HOME/advisory-dbs"
  68. # The url(s) of the advisory databases to use
  69. #db-urls = ["https://github.com/rustsec/advisory-db"]
  70. # A list of advisory IDs to ignore. Note that ignored advisories will still
  71. # output a note when they are encountered.
  72. ignore = [
  73. #"RUSTSEC-0000-0000",
  74. #{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" },
  75. #"a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish
  76. #{ crate = "a-crate-that-is-yanked@0.1.1", reason = "you can specify why you are ignoring the yanked crate" },
  77. ]
  78. # If this is true, then cargo deny will use the git executable to fetch advisory database.
  79. # If this is false, then it uses a built-in git library.
  80. # Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support.
  81. # See Git Authentication for more information about setting up git authentication.
  82. #git-fetch-with-cli = true
  83. # This section is considered when running `cargo deny check licenses`
  84. # More documentation for the licenses section can be found here:
  85. # https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
  86. [licenses]
  87. # List of explicitly allowed licenses
  88. # See https://spdx.org/licenses/ for list of possible licenses
  89. # [possible values: any SPDX 3.11 short identifier (+ optional exception)].
  90. allow = [
  91. "Apache-2.0",
  92. "BSD-3-Clause",
  93. "MIT",
  94. "Unicode-3.0",
  95. "Unicode-DFS-2016",
  96. ]
  97. # The confidence threshold for detecting a license from license text.
  98. # The higher the value, the more closely the license text must be to the
  99. # canonical license text of a valid SPDX license file.
  100. # [possible values: any between 0.0 and 1.0].
  101. confidence-threshold = 0.8
  102. # Allow 1 or more licenses on a per-crate basis, so that particular licenses
  103. # aren't accepted for every possible crate as with the normal allow list
  104. exceptions = [
  105. # Each entry is the crate and version constraint, and its specific allow
  106. # list
  107. #{ allow = ["Zlib"], crate = "adler32" },
  108. ]
  109. # Some crates don't have (easily) machine readable licensing information,
  110. # adding a clarification entry for it allows you to manually specify the
  111. # licensing information
  112. #[[licenses.clarify]]
  113. # The package spec the clarification applies to
  114. #crate = "ring"
  115. # The SPDX expression for the license requirements of the crate
  116. #expression = "MIT AND ISC AND OpenSSL"
  117. # One or more files in the crate's source used as the "source of truth" for
  118. # the license expression. If the contents match, the clarification will be used
  119. # when running the license check, otherwise the clarification will be ignored
  120. # and the crate will be checked normally, which may produce warnings or errors
  121. # depending on the rest of your configuration
  122. #license-files = [
  123. # Each entry is a crate relative path, and the (opaque) hash of its contents
  124. #{ path = "LICENSE", hash = 0xbd0eed23 }
  125. #]
  126. [licenses.private]
  127. # If true, ignores workspace crates that aren't published, or are only
  128. # published to private registries.
  129. # To see how to mark a crate as unpublished (to the official registry),
  130. # visit https://doc.rust-lang.org/cargo/reference/manifest.html#the-publish-field.
  131. ignore = false
  132. # One or more private registries that you might publish crates to, if a crate
  133. # is only published to private registries, and ignore is true, the crate will
  134. # not have its license(s) checked
  135. registries = [
  136. #"https://sekretz.com/registry
  137. ]
  138. # This section is considered when running `cargo deny check bans`.
  139. # More documentation about the 'bans' section can be found here:
  140. # https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
  141. [bans]
  142. # Lint level for when multiple versions of the same crate are detected
  143. multiple-versions = "warn"
  144. # Lint level for when a crate version requirement is `*`
  145. wildcards = "allow"
  146. # The graph highlighting used when creating dotgraphs for crates
  147. # with multiple versions
  148. # * lowest-version - The path to the lowest versioned duplicate is highlighted
  149. # * simplest-path - The path to the version with the fewest edges is highlighted
  150. # * all - Both lowest-version and simplest-path are used
  151. highlight = "all"
  152. # The default lint level for `default` features for crates that are members of
  153. # the workspace that is being checked. This can be overridden by allowing/denying
  154. # `default` on a crate-by-crate basis if desired.
  155. workspace-default-features = "allow"
  156. # The default lint level for `default` features for external crates that are not
  157. # members of the workspace. This can be overridden by allowing/denying `default`
  158. # on a crate-by-crate basis if desired.
  159. external-default-features = "allow"
  160. # List of crates that are allowed. Use with care!
  161. allow = [
  162. #"ansi_term@0.11.0",
  163. #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is allowed" },
  164. ]
  165. # List of crates to deny
  166. deny = [
  167. #"ansi_term@0.11.0",
  168. #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is banned" },
  169. # Wrapper crates can optionally be specified to allow the crate when it
  170. # is a direct dependency of the otherwise banned crate
  171. #{ crate = "ansi_term@0.11.0", wrappers = ["this-crate-directly-depends-on-ansi_term"] },
  172. ]
  173. # List of features to allow/deny
  174. # Each entry the name of a crate and a version range. If version is
  175. # not specified, all versions will be matched.
  176. #[[bans.features]]
  177. #crate = "reqwest"
  178. # Features to not allow
  179. #deny = ["json"]
  180. # Features to allow
  181. #allow = [
  182. # "rustls",
  183. # "__rustls",
  184. # "__tls",
  185. # "hyper-rustls",
  186. # "rustls",
  187. # "rustls-pemfile",
  188. # "rustls-tls-webpki-roots",
  189. # "tokio-rustls",
  190. # "webpki-roots",
  191. #]
  192. # If true, the allowed features must exactly match the enabled feature set. If
  193. # this is set there is no point setting `deny`
  194. #exact = true
  195. # Certain crates/versions that will be skipped when doing duplicate detection.
  196. skip = [
  197. #"ansi_term@0.11.0",
  198. #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason why it can't be updated/removed" },
  199. ]
  200. # Similarly to `skip` allows you to skip certain crates during duplicate
  201. # detection. Unlike skip, it also includes the entire tree of transitive
  202. # dependencies starting at the specified crate, up to a certain depth, which is
  203. # by default infinite.
  204. skip-tree = [
  205. #"ansi_term@0.11.0", # will be skipped along with _all_ of its direct and transitive dependencies
  206. #{ crate = "ansi_term@0.11.0", depth = 20 },
  207. ]
  208. # This section is considered when running `cargo deny check sources`.
  209. # More documentation about the 'sources' section can be found here:
  210. # https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html
  211. [sources]
  212. # Lint level for what to happen when a crate from a crate registry that is not
  213. # in the allow list is encountered
  214. unknown-registry = "warn"
  215. # Lint level for what to happen when a crate from a git repository that is not
  216. # in the allow list is encountered
  217. unknown-git = "warn"
  218. # List of URLs for allowed crate registries. Defaults to the crates.io index
  219. # if not specified. If it is specified but empty, no registries are allowed.
  220. allow-registry = ["https://github.com/rust-lang/crates.io-index"]
  221. # List of URLs for allowed Git repositories
  222. allow-git = []
  223. [sources.allow-org]
  224. # 1 or more github.com organizations to allow git sources for
  225. #github = [""]
  226. # 1 or more gitlab.com organizations to allow git sources for
  227. #gitlab = [""]
  228. # 1 or more bitbucket.org organizations to allow git sources for
  229. #bitbucket = [""]