54 lines
1 KiB
TOML
54 lines
1 KiB
TOML
# https://embarkstudios.github.io/cargo-deny/checks/cfg.html
|
|
|
|
all-features = true
|
|
exclude = [
|
|
# dev only dependency
|
|
"criterion"
|
|
]
|
|
|
|
[advisories]
|
|
vulnerability = "deny"
|
|
unmaintained = "deny"
|
|
|
|
[licenses]
|
|
default = "deny"
|
|
unlicensed = "deny"
|
|
allow = [
|
|
"Apache-2.0",
|
|
"BSD-3-Clause",
|
|
"ISC",
|
|
"MIT",
|
|
"OpenSSL",
|
|
"Unicode-DFS-2016",
|
|
"Zlib",
|
|
]
|
|
# MPL-2.0 is copyleft but not "infectuous" like GPL
|
|
copyleft = "allow"
|
|
private = { ignore = true }
|
|
|
|
[[licenses.clarify]]
|
|
name = "ring"
|
|
version = "*"
|
|
expression = "MIT AND ISC AND OpenSSL"
|
|
license-files = [
|
|
{ path = "LICENSE", hash = 0xbd0eed23 },
|
|
]
|
|
|
|
[bans]
|
|
multiple-versions = "warn"
|
|
wildcards = "deny"
|
|
|
|
[[bans.features]]
|
|
name = "serde_json"
|
|
# These features all don't make sense to activate from a library as they apply
|
|
# globally to all users of serde_json. Make sure we don't enable them somehow.
|
|
deny = [
|
|
"arbitrary_precision",
|
|
"float_roundtrip",
|
|
"preserve_order",
|
|
"unbounded_depth",
|
|
]
|
|
|
|
[sources]
|
|
unknown-registry = "deny"
|
|
unknown-git = "deny"
|