schemreg 0.3.0

Async Confluent + AWS Glue schema registry client — wire format, traits, caching, HTTP
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

# cargo-deny configuration for schemreg.
#
# Run: cargo deny check
# Install: cargo install cargo-deny

[advisories]
# Deny all known vulnerabilities; list specific IDs to ignore intentional exceptions.
ignore = []

[licenses]
# Approved SPDX licence identifiers.
allow = [
    "MIT",
    "Apache-2.0",
    "Apache-2.0 WITH LLVM-exception",
    "ISC",
    "BSD-2-Clause",
    "BSD-3-Clause",
    "Unicode-DFS-2016",
    "Unicode-3.0",
    "OpenSSL",
    "CC0-1.0",
    "Zlib",
]

[bans]
# Deny duplicate versions of the same crate to prevent accidental
# introduction of a second copy of security-critical crates (e.g. ring,
# rustls, zeroize). Re-evaluate per-package skip entries as the dependency
# tree stabilises.
multiple-versions = "deny"
skip = [
    # aws-sdk crates and their smithy runtime currently pull in two versions
    # of a few utility crates; these are upstream constraints, not our choices.
    { name = "bitflags" },
    { name = "hashbrown" },
    { name = "indexmap" },
    { name = "syn" },
]
# Prevent pulling in native OpenSSL — the crate uses rustls exclusively.
deny = [
    { name = "openssl", reason = "use rustls — openssl introduces native-library coupling and a larger attack surface" },
    { name = "openssl-sys", reason = "use rustls — openssl introduces native-library coupling and a larger attack surface" },
]

[sources]
# Only allow crates from crates.io; reject git or path dependencies in published builds.
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]