Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: Update deny.toml to reflect the latest changes #83

Merged
merged 4 commits into from
Oct 9, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 24 additions & 41 deletions deny.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,6 @@
# * warn - A warning will be produced, but the check will not fail
# * allow - No warning or error will be produced, though in some cases a note will be

# If 1 or more target triples (and optionally, target_features) are specified, only
# the specified targets will be checked when running `cargo deny check`. This means,
# if a particular package is only ever used as a target specific dependency, such
# as, for example, the `nix` crate only being used via the `target_family = "unix"`
# configuration, that only having windows targets in this list would mean the nix
# crate, as well as any of its exclusive dependencies not shared by any other
# crates, would be ignored, as the target list here is effectively saying which
# targets you are building for.
targets = [
# The triple can be any string, but only the target triples built in to
# rustc (as of 1.40) can be checked against actual config expressions
#{ triple = "x86_64-unknown-linux-musl" },
# You can also specify which target_features you promise are enabled for a particular
# target. target_features are currently not validated against the actual valid
# features supported by the target architecture.
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] },
]

# This section is considered when running `cargo deny check advisories`
# More documentation for the advisories section can be found here:
# https://github.com/EmbarkStudios/cargo-deny#the-advisories-section
Expand All @@ -31,13 +13,6 @@ targets = [
db-path = "~/.cargo/advisory-db"
# The url(s) of the advisory database to use
db-urls = ["https://github.com/rustsec/advisory-db"]
# The lint level for security vulnerabilities
vulnerability = "warn"
# The lint level for unmaintained crates
unmaintained = "warn"
# The lint level for crates with security notices. Note that as of
# 2019-12-17 there are no security notice advisories in https://github.com/rustsec/advisory-db
notice = "warn"
# A list of advisory IDs to ignore. Note that ignored advisories will still output
# a note when they are encountered.
ignore = []
Expand All @@ -55,25 +30,14 @@ ignore = []
# More documentation for the licenses section can be found here:
# https://github.com/EmbarkStudios/cargo-deny#the-licenses-section
[licenses]
# The lint level for crates which do not have a detectable license
unlicensed = "warn"
# List of explictly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
allow = []
# List of explictly disallowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
deny = ["GPL-3.0"]
# The lint level for licenses considered copyleft
copyleft = "allow"
# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses
# * both - The license will only be approved if it is both OSI-approved *AND* FSF/Free
# * either - The license will be approved if it is either OSI-approved *OR* FSF/Free
# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF/Free
# * fsf-only - The license will be approved if is FSF/Free *AND NOT* OSI-approved
# * neither - The license will be denied if is FSF/Free *OR* OSI-approved
allow-osi-fsf-free = "either"
allow = [
"MIT",
"Apache-2.0",
"Unicode-DFS-2016",
]
# The confidence threshold for detecting a license from license text.
# The higher the value, the more closely the license text must be to the
# canonical license text of a valid SPDX license file.
Expand Down Expand Up @@ -126,3 +90,22 @@ unknown-git = "warn"
#allow-registry = []
# List of URLs for allowed Git repositories
allow-git = []

[graph]
# If 1 or more target triples (and optionally, target_features) are specified, only
# the specified targets will be checked when running `cargo deny check`. This means,
# if a particular package is only ever used as a target specific dependency, such
# as, for example, the `nix` crate only being used via the `target_family = "unix"`
# configuration, that only having windows targets in this list would mean the nix
# crate, as well as any of its exclusive dependencies not shared by any other
# crates, would be ignored, as the target list here is effectively saying which
# targets you are building for.
targets = [
# The triple can be any string, but only the target triples built in to
# rustc (as of 1.40) can be checked against actual config expressions
#{ triple = "x86_64-unknown-linux-musl" },
# You can also specify which target_features you promise are enabled for a particular
# target. target_features are currently not validated against the actual valid
# features supported by the target architecture.
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] },
]
Comment on lines +94 to +111
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess this is just kept to document the feature?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's probably copy-pasted from the template that cargo-deny generates

Loading