summaryrefslogtreecommitdiffhomepage
path: root/deny.toml
AgeCommit message (Collapse)AuthorFilesLines
2025-10-01Revert ignoring RUSTSEC-2024-0436 in vulnerability scannersMarkus Pettersson1-3/+0
2025-09-09Change licence identifier from GPL-3.0 to GPL-3.0-onlyLinus Färnstrand1-1/+1
This is the new SPDX compatible identifier
2025-08-26Add "CDLA-Permissive-2.0" licenseSebastian Holmin1-1/+2
2025-06-04Remove custom license allowance for ringLinus Färnstrand1-9/+0
Ring switched over to Apache-2.0 AND ISC, so they are now compatible with our regular list of allowed licenses
2025-04-16Tweak wording in deny.tomlJoakim Hulthe1-1/+1
2025-03-11Silence RUSTSEC-2024-0436Markus Pettersson1-0/+3
2024-12-19Forbid tokio 0.xLinus Färnstrand1-0/+1
2024-12-19Restructure cargo bans sectionLinus Färnstrand1-7/+9
2024-12-19Forbid old hyper and async-stdLinus Färnstrand1-0/+6
2024-12-11Revert "Silence `RUSTSEC-2024-0421`"Markus Pettersson1-6/+0
This reverts commit 6022cb16ba05a460fe597f5d6edd5228879a3093.
2024-12-10Silence `RUSTSEC-2024-0421`Markus Pettersson1-0/+6
2024-11-15Add notice about what files to sync when ignoring RUSTSEC advisoriesMarkus Pettersson1-0/+2
2024-10-15Stop ignoring RUSTSEC-2023-0079 (Kyber timing attack)Linus Färnstrand1-2/+0
The dependency with this CVE is no longer in our dependency tree
2024-09-20Revert silencing `RUSTSEC-2024-0370` in `cargo deny`Markus Pettersson1-3/+0
2024-09-06Silence RUSTSEC-2024-0370Markus Pettersson1-1/+4
2024-08-27Add Unicode-3.0 to approved licensesDavid Lönnhager1-1/+2
2024-04-15Add Zlib to allowed licencesOskar Nyberg1-1/+2
2024-03-26Update [deny] section of the deny.toml filesLinus Färnstrand1-5/+0
2024-03-26Update [advisories] section of our deny.toml files to version 2Linus Färnstrand1-9/+1
2024-03-26Update and align [sources] section of our deny.toml filesLinus Färnstrand1-1/+0
2024-03-26Update [licenses] section of deny.toml to version 2Linus Färnstrand1-14/+3
2024-03-26Update cargo deny targetsLinus Färnstrand1-1/+13
Adds Android and iOS targets
2024-03-26Point the hickory-dns dependency to our own fork of the repoLinus Färnstrand1-5/+9
We should avoid depending on git repositories outside our own control. The hickory-dns organization or repository can go away at any point in time. That will make it way harder to re-build old versions of the app.
2024-03-18Add hickory-dns to allowed git dependenciesDavid Lönnhager1-1/+2
2024-03-08Remove nix rust crate git repository from allowed external sourcesLinus Färnstrand1-2/+4
2024-02-09Temporarily allow RUSTSEC-2023-0079 in deny.tomlDavid Lönnhager1-0/+4
2023-08-01Un-ignore RUSTSEC-2020-0071 and ban time 0.1 from dependency treeLinus Färnstrand1-3/+2
2023-08-01Deny atty as Rust dependencyLinus Färnstrand1-0/+2
2023-07-03Deny old clap versions in our dependency treeLinus Färnstrand1-0/+2
2023-06-05Rework macOS routingDavid Lönnhager1-1/+2
2023-05-22Allow CC0 licenseEmīls1-0/+1
2022-09-27Allow Unicode-DFS-2016 licenceEmīls Piņķis1-1/+2
2022-07-01Add OpenSSL related crates to deny.toml ban sectionLinus Färnstrand1-1/+7
We use Rustls for TLS. We don't want to accidentally pull in OpenSSL for anything. Both because it would bloat the binaries, and because we would then potentially be vulnerable to OpenSSL CVEs. Which is something we don't monitor since we are not actively using it
2022-07-01Remove documentation from deny.tomlLinus Färnstrand1-98/+8
2022-07-01Improve the list of allowed licensesLinus Färnstrand1-24/+16
2022-07-01Add initial deny.toml file for cargo-denyLinus Färnstrand1-0/+193
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.