diff options
| author | Matthias Beyer <mail@beyermatthias.de> | 2022-08-09 12:58:21 +0200 |
|---|---|---|
| committer | Matthias Beyer <mail@beyermatthias.de> | 2022-08-09 13:27:13 +0200 |
| commit | 07a9b55ab739adfac59a57a978c5aa0e7406a40e (patch) | |
| tree | e50caa60d0f724a32c8a90cefc675ffa7fe37f9f | |
| parent | 837d49b5aa8f49838c9c4b6e1bb2f58e8260125c (diff) | |
Add config for cargo-deny
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
| -rw-r--r-- | deny.toml | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/deny.toml b/deny.toml new file mode 100644 index 0000000..440880e --- /dev/null +++ b/deny.toml @@ -0,0 +1,65 @@ +[licenses] +# The lint level for crates which do not have a detectable license +unlicensed = "deny" + +# List of explictly allowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.7 short identifier (+ optional exception)]. +allow = ["MPL-2.0"] + +# List of explictly disallowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.7 short identifier (+ optional exception)]. +deny = [] + +# The lint level for licenses considered copyleft +copyleft = "deny" + +# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses +# * both - The license will only be approved if it is both OSI-approved *AND* FSF/Free +# * either - The license will be approved if it is either OSI-approved *OR* FSF/Free +# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF/Free +# * fsf-only - The license will be approved if is FSF/Free *AND NOT* OSI-approved +# * neither - The license will be denied if is FSF/Free *OR* OSI-approved +allow-osi-fsf-free = "either" + +# The confidence threshold for detecting a license from license text. +# The higher the value, the more closely the license text must be to the +# canonical license text of a valid SPDX license file. +# [possible values: any between 0.0 and 1.0]. +confidence-threshold = 0.8 + +[bans] +# Lint level for when multiple versions of the same crate are detected +multiple-versions = "warn" + +# The graph highlighting used when creating dotgraphs for crates +# with multiple versions +# * lowest-version - The path to the lowest versioned duplicate is highlighted +# * simplest-path - The path to the version with the fewest edges is highlighted +# * all - Both lowest-version and simplest-path are used +highlight = "all" + +# List of crates that are allowed. Use with care! +allow = [ +] + +# List of crates to deny +deny = [ +] + +# Certain crates/versions that will be skipped when doing duplicate detection. +skip = [ +] + +# Similarly to `skip` allows you to skip certain crates during duplicate detection, +# unlike skip, it also includes the entire tree of transitive dependencies starting at +# the specified crate, up to a certain depth, which is by default infinite +skip-tree = [ +] + + +[advisories] +ignore = [ +] + |