burn/deny.toml

# If 1 or more target triples (and optionally, target_features) are specified,
# only the specified targets will be checked when running `cargo deny check`.
# This means, if a particular package is only ever used as a target specific
# dependency, such as, for example, the `nix` crate only being used via the
# `target_family = "unix"` configuration, that only having windows targets in
# this list would mean the nix crate, as well as any of its exclusive
# dependencies not shared by any other crates, would be ignored, as the target
# list here is effectively saying which targets you are building for.
targets = [
    { triple = "x86_64-unknown-linux-gnu" },
    { triple = "aarch64-unknown-linux-gnu" },
    { triple = "x86_64-unknown-linux-musl" },
    { triple = "aarch64-apple-darwin" },
    { triple = "x86_64-apple-darwin" },
    { triple = "x86_64-pc-windows-msvc" },
]

[advisories]
# The lint level for security vulnerabilities
vulnerability = "deny"
# The lint level for unmaintained crates
unmaintained = "deny"
# The lint level for crates that have been yanked from their source registry
yanked = "deny"
# The lint level for crates with security notices.
notice = "deny"
# A list of advisory IDs to ignore. Note that ignored advisories will still
# output a note when they are encountered.
ignore = [
    #"RUSTSEC-0000-0000",
]

[bans]
# Lint level for when multiple versions of the same crate are detected
multiple-versions = "warn"
# Lint level for when a crate version requirement is `*`
wildcards = "allow"
# The graph highlighting used when creating dotgraphs for crates
# with multiple versions
# * lowest-version - The path to the lowest versioned duplicate is highlighted
# * simplest-path - The path to the version with the fewest edges is highlighted
# * all - Both lowest-version and simplest-path are used
highlight = "all"
# The default lint level for `default` features for crates that are members of
# the workspace that is being checked. This can be overridden by allowing/denying
# `default` on a crate-by-crate basis if desired.
workspace-default-features = "allow"
# The default lint level for `default` features for external crates that are not
# members of the workspace. This can be overridden by allowing/denying `default`
# on a crate-by-crate basis if desired.
external-default-features = "allow"
# Certain crates/versions that will be skipped when doing duplicate detection.
skip = [
    #{ name = "crate", version = "=0.1.0" },
]
# Similarly to `skip` allows you to skip certain crates during duplicate
# detection. Unlike skip, it also includes the entire tree of transitive
# dependencies starting at the specified crate, up to a certain depth, which is
# by default infinite.
skip-tree = [
    #{ name = "crate", version = "=0.1.0", depth = 20 },
]

[sources]
# Lint level for what to happen when a crate from a crate registry that is not
# in the allow list is encountered
unknown-registry = "deny"
# Lint level for what to happen when a crate from a git repository that is not
# in the allow list is encountered
unknown-git = "deny"

[licenses]
# The lint level for crates which do not have a detectable license
unlicensed = "deny"
# Lint level for licenses considered copyleft
copyleft = "deny"
# The confidence threshold for detecting a license from license text.
# The higher the value, the more closely the license text must be to the
# canonical license text of a valid SPDX license file.
# [possible values: any between 0.0 and 1.0].
confidence-threshold = 0.60
# List of explicitly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
allow = [
    "Apache-2.0 WITH LLVM-exception",
    "Apache-2.0",
    "BSD-3-Clause",
    "CC0-1.0",
    "ISC",
    "MIT",
    "MPL-2.0",
    "OpenSSL",
    "Unicode-DFS-2016",
    "Unlicense",
    "Zlib",
]
# Allow 1 or more licenses on a per-crate basis, so that particular licenses
# aren't accepted for every possible crate as with the normal allow list
exceptions = [
    # Each entry is the crate and version constraint, and its specific allow
    # list
    #{ allow = ["license_name"], name = "crate", version = "*" },
]
ci/Check dependencies (#895) 2023-11-19 23:35:03 +08:00			`# If 1 or more target triples (and optionally, target_features) are specified,`
			# only the specified targets will be checked when running `cargo deny check`.
			`# This means, if a particular package is only ever used as a target specific`
			# dependency, such as, for example, the `nix` crate only being used via the
			# `target_family = "unix"` configuration, that only having windows targets in
			`# this list would mean the nix crate, as well as any of its exclusive`
			`# dependencies not shared by any other crates, would be ignored, as the target`
			`# list here is effectively saying which targets you are building for.`
			`targets = [`
			`{ triple = "x86_64-unknown-linux-gnu" },`
			`{ triple = "aarch64-unknown-linux-gnu" },`
			`{ triple = "x86_64-unknown-linux-musl" },`
			`{ triple = "aarch64-apple-darwin" },`
			`{ triple = "x86_64-apple-darwin" },`
			`{ triple = "x86_64-pc-windows-msvc" },`
			`]`

			`[advisories]`
			`# The lint level for security vulnerabilities`
			`vulnerability = "deny"`
			`# The lint level for unmaintained crates`
			`unmaintained = "deny"`
			`# The lint level for crates that have been yanked from their source registry`
			`yanked = "deny"`
			`# The lint level for crates with security notices.`
			`notice = "deny"`
			`# A list of advisory IDs to ignore. Note that ignored advisories will still`
			`# output a note when they are encountered.`
			`ignore = [`
			`#"RUSTSEC-0000-0000",`
			`]`

			`[bans]`
			`# Lint level for when multiple versions of the same crate are detected`
			`multiple-versions = "warn"`
			# Lint level for when a crate version requirement is `*`
			`wildcards = "allow"`
			`# The graph highlighting used when creating dotgraphs for crates`
			`# with multiple versions`
			`# * lowest-version - The path to the lowest versioned duplicate is highlighted`
			`# * simplest-path - The path to the version with the fewest edges is highlighted`
			`# * all - Both lowest-version and simplest-path are used`
			`highlight = "all"`
			# The default lint level for `default` features for crates that are members of
			`# the workspace that is being checked. This can be overridden by allowing/denying`
			# `default` on a crate-by-crate basis if desired.
			`workspace-default-features = "allow"`
			# The default lint level for `default` features for external crates that are not
			# members of the workspace. This can be overridden by allowing/denying `default`
			`# on a crate-by-crate basis if desired.`
			`external-default-features = "allow"`
			`# Certain crates/versions that will be skipped when doing duplicate detection.`
			`skip = [`
			`#{ name = "crate", version = "=0.1.0" },`
			`]`
			# Similarly to `skip` allows you to skip certain crates during duplicate
			`# detection. Unlike skip, it also includes the entire tree of transitive`
			`# dependencies starting at the specified crate, up to a certain depth, which is`
			`# by default infinite.`
			`skip-tree = [`
			`#{ name = "crate", version = "=0.1.0", depth = 20 },`
			`]`

			`[sources]`
			`# Lint level for what to happen when a crate from a crate registry that is not`
			`# in the allow list is encountered`
			`unknown-registry = "deny"`
			`# Lint level for what to happen when a crate from a git repository that is not`
			`# in the allow list is encountered`
			`unknown-git = "deny"`

			`[licenses]`
			`# The lint level for crates which do not have a detectable license`
			`unlicensed = "deny"`
			`# Lint level for licenses considered copyleft`
			`copyleft = "deny"`
			`# The confidence threshold for detecting a license from license text.`
			`# The higher the value, the more closely the license text must be to the`
			`# canonical license text of a valid SPDX license file.`
			`# [possible values: any between 0.0 and 1.0].`
			`confidence-threshold = 0.60`
			`# List of explicitly allowed licenses`
			`# See https://spdx.org/licenses/ for list of possible licenses`
			`# [possible values: any SPDX 3.11 short identifier (+ optional exception)].`
			`allow = [`
			`"Apache-2.0 WITH LLVM-exception",`
			`"Apache-2.0",`
			`"BSD-3-Clause",`
			`"CC0-1.0",`
			`"ISC",`
			`"MIT",`
			`"MPL-2.0",`
			`"OpenSSL",`
			`"Unicode-DFS-2016",`
			`"Unlicense",`
			`"Zlib",`
			`]`
			`# Allow 1 or more licenses on a per-crate basis, so that particular licenses`
			`# aren't accepted for every possible crate as with the normal allow list`
			`exceptions = [`
			`# Each entry is the crate and version constraint, and its specific allow`
			`# list`
			`#{ allow = ["license_name"], name = "crate", version = "*" },`
			`]`