1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
# Docs: https://embarkstudios.github.io/cargo-deny/checks/cfg.html
# ───── Global config ──────────────────────────────────────────── #
[]
## If 1 or more target triples (and optionally, target_features) are specified,
## only the specified targets will be checked when running `cargo deny check`.
# targets = []
## Crates to exclude
#exclude = []
# pass `--all-features` on the cmd line to enable
= false
= false
= []
[]
= 1
# ───── For `cargo deny check advisories` ──────────────────────── #
[]
#db-path = "$CARGO_HOME/advisory-dbs"
#db-urls = ["https://github.com/rustsec/advisory-db"]
#ignore = []
#git-fetch-with-cli = true
# ───── For `cargo deny check licenses` ────────────────────────── #
[]
# List of explicitly allowed licenses (by SPDX 3.11 short identifier)
# See https://spdx.org/licenses/
= [
"MIT",
]
# for matching license text
= 0.9
## per-crate license exceptions
#exceptions = [
# #Each entry is the crate and version constraint, and its specific allowlist
# #{ allow = ["Zlib"], crate = "adler32" },
#]
## Explicitly license clarification (array of tables)
#[[licenses.clarify]]
## The package spec the clarification applies to
## SPDX expression describing this crate's license
#crate = "ring"
#expression = "MIT AND ISC AND OpenSSL"
## One or more files in the crate's as license "source of truth"
#license-files = [
## Each entry is a crate relative path, and the (opaque) hash of its contents
#{ path = "LICENSE", hash = 0xbd0eed23 }
#]
[]
## Registries considered "private"
#registries = [ "https://sekretz.com/registry" ]
# ignore licenses for workspace / private registry crates?
= false
# ───── For `cargo deny check bans` ────────────────────────────── #
[]
# Lint levels
= "warn" # multiple versions of same crate
= "warn" # crate version requirement is `*`
= "all" # graph highlighting: lowest-version, simplest-path, or all
= "allow" # workspace crates use default features
= "allow" # dependencies use default features
## Explicit allowlist (overrides bans)
#allow = [
# #"ansi_term@0.11.0",
# #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is allowed" },
#]
# Automatically add workspace crates to the allowlist?
= false
# crates (and/or specific versions thereof) that are explicitly banned
= []
# Certain crates/versions that will be skipped when doing duplicate detection.
= [
#"ansi_term@0.11.0",
#{ crate = "ansi_term@0.11.0", reason = "you can specify a reason why it can't be updated/removed" },
]
# Like skip except it also includes the listed dep's transitive deps
= [
#"ansi_term@0.11.0", # will be skipped along with _all_ of its direct and transitive dependencies
#{ crate = "ansi_term@0.11.0", depth = 20 },
]
## Features that are explicitly allowed/banned for a crate (array-of-tables)
## UMMM: This is not documented?
## And the `deny init` template created it in the middle of another table?
#[[bans.features]]
#crate = "reqwest"
#deny = ["json"]
#allow = ["rustls"]
## If true, the allowed features must exactly match the enabled feature set. If
## this is set there is no point setting `deny`
#exact = true
# ───── For `cargo deny check sources` ─────────────────────────── #
[]
= [
"https://github.com/rust-lang/crates.io-index" # i.e., public crates.io
]
= []
# lint levels
= "deny"
= "deny"
[]
# allow any repo from these orgs on these forges
= []
= []
= []