|
@ -9,6 +9,8 @@ |
|
|
# The values provided in this template are the default values that will be used |
|
|
# The values provided in this template are the default values that will be used |
|
|
# when any section or field is not specified in your own configuration |
|
|
# when any section or field is not specified in your own configuration |
|
|
|
|
|
|
|
|
|
|
|
# Root options |
|
|
|
|
|
|
|
|
# If 1 or more target triples (and optionally, target_features) are specified, |
|
|
# If 1 or more target triples (and optionally, target_features) are specified, |
|
|
# only the specified targets will be checked when running `cargo deny check`. |
|
|
# only the specified targets will be checked when running `cargo deny check`. |
|
|
# This means, if a particular package is only ever used as a target specific |
|
|
# This means, if a particular package is only ever used as a target specific |
|
@ -25,7 +27,36 @@ targets = [ |
|
|
# particular target. target_features are currently not validated against |
|
|
# particular target. target_features are currently not validated against |
|
|
# the actual valid features supported by the target architecture. |
|
|
# the actual valid features supported by the target architecture. |
|
|
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] }, |
|
|
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] }, |
|
|
|
|
|
{ triple = "x86_64-unknown-linux-gnu" }, |
|
|
|
|
|
{ triple = "aarch64-unknown-linux-gnu" }, |
|
|
|
|
|
{ triple = "x86_64-unknown-linux-musl" }, |
|
|
|
|
|
{ triple = "aarch64-apple-darwin" }, |
|
|
|
|
|
{ triple = "x86_64-apple-darwin" }, |
|
|
] |
|
|
] |
|
|
|
|
|
# When creating the dependency graph used as the source of truth when checks are |
|
|
|
|
|
# executed, this field can be used to prune crates from the graph, removing them |
|
|
|
|
|
# from the view of cargo-deny. This is an extremely heavy hammer, as if a crate |
|
|
|
|
|
# is pruned from the graph, all of its dependencies will also be pruned unless |
|
|
|
|
|
# they are connected to another crate in the graph that hasn't been pruned, |
|
|
|
|
|
# so it should be used with care. The identifiers are [Package ID Specifications] |
|
|
|
|
|
# (https://doc.rust-lang.org/cargo/reference/pkgid-spec.html) |
|
|
|
|
|
#exclude = [] |
|
|
|
|
|
# If true, metadata will be collected with `--all-features`. Note that this can't |
|
|
|
|
|
# be toggled off if true, if you want to conditionally enable `--all-features` it |
|
|
|
|
|
# is recommended to pass `--all-features` on the cmd line instead |
|
|
|
|
|
all-features = true |
|
|
|
|
|
# If true, metadata will be collected with `--no-default-features`. The same |
|
|
|
|
|
# caveat with `all-features` applies |
|
|
|
|
|
no-default-features = false |
|
|
|
|
|
# If set, these feature will be enabled when collecting metadata. If `--features` |
|
|
|
|
|
# is specified on the cmd line they will take precedence over this option. |
|
|
|
|
|
#features = [] |
|
|
|
|
|
# When outputting inclusion graphs in diagnostics that include features, this |
|
|
|
|
|
# option can be used to specify the depth at which feature edges will be added. |
|
|
|
|
|
# This option is included since the graphs can be quite large and the addition |
|
|
|
|
|
# of features from the crate(s) to all of the graph roots can be far too verbose. |
|
|
|
|
|
# This option can be overridden via `--feature-depth` on the cmd line |
|
|
|
|
|
feature-depth = 1 |
|
|
|
|
|
|
|
|
# This section is considered when running `cargo deny check advisories` |
|
|
# This section is considered when running `cargo deny check advisories` |
|
|
# More documentation for the advisories section can be found here: |
|
|
# More documentation for the advisories section can be found here: |
|
@ -60,6 +91,12 @@ ignore = [ |
|
|
# * Critical - CVSS Score 9.0 - 10.0 |
|
|
# * Critical - CVSS Score 9.0 - 10.0 |
|
|
#severity-threshold = |
|
|
#severity-threshold = |
|
|
|
|
|
|
|
|
|
|
|
# If this is true, then cargo deny will use the git executable to fetch advisory database. |
|
|
|
|
|
# If this is false, then it uses a built-in git library. |
|
|
|
|
|
# Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support. |
|
|
|
|
|
# See Git Authentication for more information about setting up git authentication. |
|
|
|
|
|
#git-fetch-with-cli = true |
|
|
|
|
|
|
|
|
# This section is considered when running `cargo deny check licenses` |
|
|
# This section is considered when running `cargo deny check licenses` |
|
|
# More documentation for the licenses section can be found here: |
|
|
# More documentation for the licenses section can be found here: |
|
|
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html |
|
|
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html |
|
@ -156,6 +193,14 @@ wildcards = "allow" |
|
|
# * simplest-path - The path to the version with the fewest edges is highlighted |
|
|
# * simplest-path - The path to the version with the fewest edges is highlighted |
|
|
# * all - Both lowest-version and simplest-path are used |
|
|
# * all - Both lowest-version and simplest-path are used |
|
|
highlight = "all" |
|
|
highlight = "all" |
|
|
|
|
|
# The default lint level for `default` features for crates that are members of |
|
|
|
|
|
# the workspace that is being checked. This can be overriden by allowing/denying |
|
|
|
|
|
# `default` on a crate-by-crate basis if desired. |
|
|
|
|
|
workspace-default-features = "allow" |
|
|
|
|
|
# The default lint level for `default` features for external crates that are not |
|
|
|
|
|
# members of the workspace. This can be overriden by allowing/denying `default` |
|
|
|
|
|
# on a crate-by-crate basis if desired. |
|
|
|
|
|
external-default-features = "allow" |
|
|
# List of crates that are allowed. Use with care! |
|
|
# List of crates that are allowed. Use with care! |
|
|
allow = [ |
|
|
allow = [ |
|
|
#{ name = "ansi_term", version = "=0.11.0" }, |
|
|
#{ name = "ansi_term", version = "=0.11.0" }, |
|
@ -170,6 +215,30 @@ deny = [ |
|
|
# is a direct dependency of the otherwise banned crate |
|
|
# is a direct dependency of the otherwise banned crate |
|
|
#{ name = "ansi_term", version = "=0.11.0", wrappers = [] }, |
|
|
#{ name = "ansi_term", version = "=0.11.0", wrappers = [] }, |
|
|
] |
|
|
] |
|
|
|
|
|
|
|
|
|
|
|
# List of features to allow/deny |
|
|
|
|
|
# Each entry the name of a crate and a version range. If version is |
|
|
|
|
|
# not specified, all versions will be matched. |
|
|
|
|
|
#[[bans.features]] |
|
|
|
|
|
#name = "reqwest" |
|
|
|
|
|
# Features to not allow |
|
|
|
|
|
#deny = ["json"] |
|
|
|
|
|
# Features to allow |
|
|
|
|
|
#allow = [ |
|
|
|
|
|
# "rustls", |
|
|
|
|
|
# "__rustls", |
|
|
|
|
|
# "__tls", |
|
|
|
|
|
# "hyper-rustls", |
|
|
|
|
|
# "rustls", |
|
|
|
|
|
# "rustls-pemfile", |
|
|
|
|
|
# "rustls-tls-webpki-roots", |
|
|
|
|
|
# "tokio-rustls", |
|
|
|
|
|
# "webpki-roots", |
|
|
|
|
|
#] |
|
|
|
|
|
# If true, the allowed features must exactly match the enabled feature set. If |
|
|
|
|
|
# this is set there is no point setting `deny` |
|
|
|
|
|
#exact = true |
|
|
|
|
|
|
|
|
# Certain crates/versions that will be skipped when doing duplicate detection. |
|
|
# Certain crates/versions that will be skipped when doing duplicate detection. |
|
|
skip = [ |
|
|
skip = [ |
|
|
#{ name = "ansi_term", version = "=0.11.0" }, |
|
|
#{ name = "ansi_term", version = "=0.11.0" }, |
|
@ -177,7 +246,7 @@ skip = [ |
|
|
# Similarly to `skip` allows you to skip certain crates during duplicate |
|
|
# Similarly to `skip` allows you to skip certain crates during duplicate |
|
|
# detection. Unlike skip, it also includes the entire tree of transitive |
|
|
# detection. Unlike skip, it also includes the entire tree of transitive |
|
|
# dependencies starting at the specified crate, up to a certain depth, which is |
|
|
# dependencies starting at the specified crate, up to a certain depth, which is |
|
|
# by default infinite |
|
|
|
|
|
|
|
|
# by default infinite. |
|
|
skip-tree = [ |
|
|
skip-tree = [ |
|
|
#{ name = "ansi_term", version = "=0.11.0", depth = 20 }, |
|
|
#{ name = "ansi_term", version = "=0.11.0", depth = 20 }, |
|
|
] |
|
|
] |
|
|