44 lines
1.1 KiB
TOML
44 lines
1.1 KiB
TOML
# cargo-deny configuration — v2 schema
|
|
# https://embarkstudios.github.io/cargo-deny/
|
|
|
|
[advisories]
|
|
# In v2, vulnerability advisories always emit errors (not configurable).
|
|
# unmaintained: scope of unmaintained-crate checks (all | workspace | transitive | none)
|
|
unmaintained = "all"
|
|
# yanked: deny | warn | allow
|
|
yanked = "deny"
|
|
# Ignore known unmaintained transitive deps we cannot easily replace
|
|
ignore = [
|
|
# bincode v2.0.1 via probe-rs — project ceased but 1.3.3 considered complete
|
|
"RUSTSEC-2025-0141",
|
|
]
|
|
|
|
[licenses]
|
|
# All licenses are denied unless explicitly allowed
|
|
allow = [
|
|
"MIT",
|
|
"Apache-2.0",
|
|
"Apache-2.0 WITH LLVM-exception",
|
|
"BSD-2-Clause",
|
|
"BSD-3-Clause",
|
|
"ISC",
|
|
"Unicode-3.0",
|
|
"Unicode-DFS-2016",
|
|
"OpenSSL",
|
|
"Zlib",
|
|
"MPL-2.0",
|
|
"CDLA-Permissive-2.0",
|
|
"0BSD",
|
|
"BSL-1.0",
|
|
]
|
|
unused-allowed-license = "allow"
|
|
|
|
[bans]
|
|
multiple-versions = "warn"
|
|
wildcards = "allow"
|
|
|
|
[sources]
|
|
unknown-registry = "deny"
|
|
unknown-git = "deny"
|
|
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|
|
allow-git = []
|