1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# DSFB-Debug — cargo-deny configuration.
#
# Enforces the crate's licence and supply-chain claims:
# - Apache-2.0 only; reject GPL/LGPL/AGPL contamination.
# - Zero direct dependencies (verified by Cargo.toml + manual review).
# - Zero transitive dependencies under default features (no_std + no_alloc).
# - The std-only adapters add zero deps either (SHA-256 + TSV are
# hand-rolled in src/adapters/).
#
# Usage:
# cargo deny --manifest-path crates/dsfb-debug/Cargo.toml check
#
# This file is consumed by cargo-deny (https://github.com/EmbarkStudios/cargo-deny).
[]
# Targets we care about. Empty list = all-targets, which is fine here
# because the crate is no_std and the adapter is pure-Rust std.
= []
[]
= 2
= "deny"
= []
[]
= 2
# Apache-2.0 only at the crate level. The crate's own licence declaration
# (Cargo.toml) and any future dev-dep licences must fall in this allow-list.
= [
"Apache-2.0",
"Apache-2.0 WITH LLVM-exception",
"MIT",
"BSD-2-Clause",
"BSD-3-Clause",
"Unicode-DFS-2016",
"ISC",
]
# Reject copyleft and source-availability licences that would block
# defence supply-chain or commercial deployment.
= 0.93
[]
# Reject any direct/transitive dependency unless explicitly allow-listed.
# Today the allow-list is empty by design — the crate has zero deps.
= "warn"
= "deny"
= []
= []
[]
= "deny"
= "deny"
= ["https://github.com/rust-lang/crates.io-index"]
= []