# This template contains all of the possible sections and their default values # Note that all fields that take a lint level have these possible values: # * deny - An error will be produced and the check will fail # * warn - A warning will be produced, but the check will not fail # * allow - No warning or error will be produced, though in some cases a note # will be # The values provided in this template are the default values that will be used # when any section or field is not specified in your own configuration # Root options targets = [] all-features = true no-default-features = false # This section is considered when running `cargo deny check advisories` # More documentation for the advisories section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html [advisories] db-path = "~/.cargo/advisory-db" db-urls = ["https://github.com/rustsec/advisory-db"] vulnerability = "deny" unmaintained = "warn" yanked = "warn" notice = "warn" ignore = [ # potential to misuse ed25519-dalek 1.0 # used by rusty-paseto. not in a vulnerable way # and we don't even use paseto public key crypto so we don't use this "RUSTSEC-2022-0093", # DoS with untrusted input. Only runs on the client so not a concern "RUSTSEC-2021-0041", ] # This section is considered when running `cargo deny check licenses` # More documentation for the licenses section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html [licenses] unlicensed = "deny" allow = [ "Apache-2.0", "BSD-3-Clause", "ISC", "MIT", "MPL-2.0", "OpenSSL", "Unicode-DFS-2016", ] deny = [] copyleft = "warn" allow-osi-fsf-free = "neither" default = "deny" confidence-threshold = 0.8 exceptions = [] # Some crates don't have (easily) machine readable licensing information, # adding a clarification entry for it allows you to manually specify the # licensing information [[licenses.clarify]] name = "ring" version = "*" expression = "MIT AND ISC AND OpenSSL" license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }] # This section is considered when running `cargo deny check bans`. # More documentation about the 'bans' section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html [bans] multiple-versions = "allow" wildcards = "warn" highlight = "all" workspace-default-features = "allow" external-default-features = "allow" allow = [] deny = [] skip = [] skip-tree = [] # This section is considered when running `cargo deny check sources`. # More documentation about the 'sources' section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html [sources] # Lint level for what to happen when a crate from a crate registry that is not # in the allow list is encountered unknown-registry = "warn" # Lint level for what to happen when a crate from a git repository that is not # in the allow list is encountered unknown-git = "warn" # List of URLs for allowed crate registries. Defaults to the crates.io index # if not specified. If it is specified but empty, no registries are allowed. allow-registry = ["https://github.com/rust-lang/crates.io-index"] # List of URLs for allowed Git repositories allow-git = [] [sources.allow-org] # 1 or more github.com organizations to allow git sources for github = [] # 1 or more gitlab.com organizations to allow git sources for gitlab = [] # 1 or more bitbucket.org organizations to allow git sources for bitbucket = []