omniparse 0.4.1

A Rust toolkit for detecting and extracting metadata, text, and content from various file formats
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

# cargo-deny configuration. Run: `cargo deny check`
#
# License policy: allow permissive licenses only. Strong copyleft
# (GPL/AGPL) and standalone LGPL are intentionally NOT listed, so any
# dependency carrying them fails the check. This guards against a repeat
# of the GPL-3.0 `epub` crate silently entering the default build.
#
# Weak, file-level copyleft (MPL-2.0) does not affect omniparse's own
# license; it is allowed only for the specific known crates below via
# `exceptions`, so a *new* MPL (or other copyleft) dependency still trips
# the check and must be reviewed deliberately.

[graph]
# Evaluate every optional feature (PDF, OCR stack, async, etc.) so the
# policy covers all crates a consumer could pull, not just defaults.
all-features = true

[licenses]
version = 2
confidence-threshold = 0.8
allow = [
    "MIT",
    "Apache-2.0",
    "Apache-2.0 WITH LLVM-exception",
    "BSD-2-Clause",
    "BSD-3-Clause",
    "ISC",
    "Zlib",
    "0BSD",
    "CC0-1.0",
    "Unicode-3.0",
    "BSL-1.0",
    "Unlicense",
    "CDLA-Permissive-2.0",
]

# Weak copyleft (MPL-2.0), pinned to the known transitive crates from the
# scraper/cssparser HTML+CSS parsing stack. Does not infect omniparse.
[[licenses.exceptions]]
name = "cssparser"
allow = ["MPL-2.0"]
[[licenses.exceptions]]
name = "cssparser-macros"
allow = ["MPL-2.0"]
[[licenses.exceptions]]
name = "dtoa-short"
allow = ["MPL-2.0"]
[[licenses.exceptions]]
name = "selectors"
allow = ["MPL-2.0"]
# option-ext (MPL-2.0) comes via dirs -> dirs-sys, used by the optional
# `ocr-ml` feature for model cache locations.
[[licenses.exceptions]]
name = "option-ext"
allow = ["MPL-2.0"]

[bans]
multiple-versions = "warn"
wildcards = "allow"

[advisories]
version = 2
yanked = "deny"
ignore = [
    # fxhash (unmaintained), via scraper -> selectors. No fix until scraper
    # upgrades. Not a security vulnerability.
    "RUSTSEC-2025-0057",

    # --- Optional OCR stack (imageproc 0.23) — not in the default build. ---
    # Unmaintained-only advisories, no security impact, no upgrade path
    # without the imageproc/image bump below:
    "RUSTSEC-2025-0058", # custom_derive, via imageproc -> conv
    "RUSTSEC-2024-0436", # paste, via imageproc -> nalgebra -> simba
    "RUSTSEC-2021-0140", # rusttype, via imageproc
    # Real nalgebra (0.30) vulnerabilities — bounds-check / soundness.
    # Only reachable via the optional `ocr`/`ocr-ml`/`ocr-train` features.
    # TODO: fix by bumping imageproc 0.23 -> 0.27 (requires image 0.24 ->
    # 0.25 migration) + dirs 5 -> 6. Tracked in #9.
    "RUSTSEC-2026-0116", # nalgebra
    "RUSTSEC-2026-0117", # nalgebra
]

[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]