Skip to content

Commit

Permalink
ci: Update deny.toml to reflect the latest changes (#83)
Browse files Browse the repository at this point in the history
* deny: Advisories are denied by default, they are no longer configurable

Signed-off-by: Alexandru Vasile <[email protected]>

* deny: Remove deprecated licenses fields and move targets to graph

Signed-off-by: Alexandru Vasile <[email protected]>

* deny: Allow MIT and Apache licenses

Signed-off-by: Alexandru Vasile <[email protected]>

* deny: Allow unicode license

Signed-off-by: Alexandru Vasile <[email protected]>

---------

Signed-off-by: Alexandru Vasile <[email protected]>
  • Loading branch information
lexnv authored Oct 9, 2024
1 parent f81f847 commit 50d42be
Showing 1 changed file with 24 additions and 41 deletions.
65 changes: 24 additions & 41 deletions deny.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,6 @@
# * warn - A warning will be produced, but the check will not fail
# * allow - No warning or error will be produced, though in some cases a note will be

# If 1 or more target triples (and optionally, target_features) are specified, only
# the specified targets will be checked when running `cargo deny check`. This means,
# if a particular package is only ever used as a target specific dependency, such
# as, for example, the `nix` crate only being used via the `target_family = "unix"`
# configuration, that only having windows targets in this list would mean the nix
# crate, as well as any of its exclusive dependencies not shared by any other
# crates, would be ignored, as the target list here is effectively saying which
# targets you are building for.
targets = [
# The triple can be any string, but only the target triples built in to
# rustc (as of 1.40) can be checked against actual config expressions
#{ triple = "x86_64-unknown-linux-musl" },
# You can also specify which target_features you promise are enabled for a particular
# target. target_features are currently not validated against the actual valid
# features supported by the target architecture.
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] },
]

# This section is considered when running `cargo deny check advisories`
# More documentation for the advisories section can be found here:
# https://github.com/EmbarkStudios/cargo-deny#the-advisories-section
Expand All @@ -31,13 +13,6 @@ targets = [
db-path = "~/.cargo/advisory-db"
# The url(s) of the advisory database to use
db-urls = ["https://github.com/rustsec/advisory-db"]
# The lint level for security vulnerabilities
vulnerability = "warn"
# The lint level for unmaintained crates
unmaintained = "warn"
# The lint level for crates with security notices. Note that as of
# 2019-12-17 there are no security notice advisories in https://github.com/rustsec/advisory-db
notice = "warn"
# A list of advisory IDs to ignore. Note that ignored advisories will still output
# a note when they are encountered.
ignore = []
Expand All @@ -55,25 +30,14 @@ ignore = []
# More documentation for the licenses section can be found here:
# https://github.com/EmbarkStudios/cargo-deny#the-licenses-section
[licenses]
# The lint level for crates which do not have a detectable license
unlicensed = "warn"
# List of explictly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
allow = []
# List of explictly disallowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
deny = ["GPL-3.0"]
# The lint level for licenses considered copyleft
copyleft = "allow"
# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses
# * both - The license will only be approved if it is both OSI-approved *AND* FSF/Free
# * either - The license will be approved if it is either OSI-approved *OR* FSF/Free
# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF/Free
# * fsf-only - The license will be approved if is FSF/Free *AND NOT* OSI-approved
# * neither - The license will be denied if is FSF/Free *OR* OSI-approved
allow-osi-fsf-free = "either"
allow = [
"MIT",
"Apache-2.0",
"Unicode-DFS-2016",
]
# The confidence threshold for detecting a license from license text.
# The higher the value, the more closely the license text must be to the
# canonical license text of a valid SPDX license file.
Expand Down Expand Up @@ -126,3 +90,22 @@ unknown-git = "warn"
#allow-registry = []
# List of URLs for allowed Git repositories
allow-git = []

[graph]
# If 1 or more target triples (and optionally, target_features) are specified, only
# the specified targets will be checked when running `cargo deny check`. This means,
# if a particular package is only ever used as a target specific dependency, such
# as, for example, the `nix` crate only being used via the `target_family = "unix"`
# configuration, that only having windows targets in this list would mean the nix
# crate, as well as any of its exclusive dependencies not shared by any other
# crates, would be ignored, as the target list here is effectively saying which
# targets you are building for.
targets = [
# The triple can be any string, but only the target triples built in to
# rustc (as of 1.40) can be checked against actual config expressions
#{ triple = "x86_64-unknown-linux-musl" },
# You can also specify which target_features you promise are enabled for a particular
# target. target_features are currently not validated against the actual valid
# features supported by the target architecture.
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] },
]

0 comments on commit 50d42be

Please sign in to comment.