diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/deny.toml | 52 |
1 files changed, 23 insertions, 29 deletions
diff --git a/test/deny.toml b/test/deny.toml index 319d82177a..e792575b77 100644 --- a/test/deny.toml +++ b/test/deny.toml @@ -1,18 +1,25 @@ +[graph] +# cargo deny will only evaluate dependencies pulled in by these +# targets (the ones we run the test runner on) +targets = [ + { triple = "x86_64-unknown-linux-gnu" }, + { triple = "x86_64-pc-windows-gnu" }, + { triple = "x86_64-apple-darwin" }, + { triple = "aarch64-apple-darwin" } +] + + # This section is considered when running `cargo deny check advisories` # More documentation for the advisories section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html [advisories] version = 2 # https://github.com/EmbarkStudios/cargo-deny/pull/611 -db-path = "~/.cargo/advisory-db" -db-urls = ["https://github.com/rustsec/advisory-db"] - +yanked = "deny" ignore = [ # Ignored audit issues. This list should be kept short, and effort should be # put into removing items from the list. ] -#severity-threshold = - # This section is considered when running `cargo deny check licenses` # More documentation for the licenses section can be found here: @@ -20,27 +27,22 @@ ignore = [ [licenses] version = 2 # https://github.com/EmbarkStudios/cargo-deny/pull/611 -# Adding a license here has to be done carefully. Should not be changed -# by individual developers. +# Adding a license here has to be done carefully. Should only be done by team leads. allow = [ "GPL-3.0", "Apache-2.0", "MIT", + "MPL-2.0", "WTFPL", "ISC", "BSD-3-Clause", "BSD-2-Clause", "CC0-1.0", - "MPL-2.0", # https://github.com/briansmith/ring/issues/902 "LicenseRef-ring", "Unicode-DFS-2016" ] -confidence-threshold = 0.8 - -exceptions = [] - [[licenses.clarify]] name = "ring" expression = "LicenseRef-ring" @@ -50,7 +52,6 @@ license-files = [ [licenses.private] ignore = false -registries = [] # This section is considered when running `cargo deny check bans`. # More documentation about the 'bans' section can be found here: @@ -64,12 +65,9 @@ allow = [] deny = [ { name = "clap", version = "2" }, { name = "clap", version = "3" }, - # `atty` is an unmaintained crate with a CVE: RUSTSEC-2021-0145 - { name = "atty" }, { name = "time", version = "0.1"}, ] -skip = [] -skip-tree = [] + # This section is considered when running `cargo deny check sources`. # More documentation about the 'sources' section can be found here: @@ -77,20 +75,16 @@ skip-tree = [] [sources] unknown-registry = "deny" unknown-git = "deny" -allow-registry = ["https://github.com/rust-lang/crates.io-index"] -# If we need to temporarily depend on a git repository in our Rust dependency tree, -# it has to be added here. We should try to keep this list minimal. Having git -# dependencies is not recommended. + +# We should never depend on git repositories outside our own github organization. +# We can't say anything about their availability. They might go away at any point +# in time. Instead of using third party git repositories, always fork the repository +# into our github organization and depend on that. +# +# But if possible, always avoid git dependencies and try to have the developers publish +# releases to crates.io instead. allow-git = [] [sources.allow-org] # 1 or more github.com organizations to allow git sources for github = ["mullvad"] - -[graph] -targets = [ - { triple = "x86_64-unknown-linux-gnu" }, - { triple = "x86_64-pc-windows-gnu" }, - { triple = "x86_64-apple-darwin" }, - { triple = "aarch64-apple-darwin" } -] |
