forked from ComunidadAylas/PackSquash
-
Notifications
You must be signed in to change notification settings - Fork 0
/
deny.toml
121 lines (114 loc) · 2.89 KB
/
deny.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Configuration file format reference:
# https://embarkstudios.github.io/cargo-deny/checks/index.html
targets = [
{ triple = "x86_64-unknown-linux-gnu" },
{ triple = "aarch64-unknown-linux-gnu" },
{ triple = "x86_64-pc-windows-gnu" },
{ triple = "x86_64-apple-darwin" },
{ triple = "aarch64-apple-darwin" },
]
[advisories]
vulnerability = "deny"
unmaintained = "warn"
yanked = "deny"
notice = "warn"
[licenses]
unlicensed = "deny"
allow = [
# Free software licenses compatible with (A)GPL.
# List extracted from: https://www.gnu.org/licenses/license-list.en.html#GPLCompatibleLicenses
"GPL-3.0",
"GPL-2.0",
"LGPL-3.0",
"LGPL-2.1",
"AGPL-3.0",
"FSFAP",
"Apache-2.0",
"Artistic-2.0",
"ClArtistic",
"Sleepycat",
"BSL-1.0",
"BSD-3-Clause",
"CECILL-2.0",
"BSD-3-Clause-Clear",
"ECL-2.0",
"EFL-2.0",
"EUDatagrid",
"MIT",
"BSD-2-Clause",
"FTL",
"HPND",
"iMatix",
"Imlib2",
"IJG",
"Intel",
"ISC",
"MPL-2.0",
"NCSA",
"OLDAP-2.7",
"NIST-PD",
"CC-PDDC",
"CC0-1.0",
"Python-2.0",
"Ruby",
"SGI-B-2.0",
"SMLNJ",
"UPL-1.0",
"Unlicense",
"Vim",
"W3C",
"WTFPL",
"X11",
"XFree86-1.1",
"Zlib",
"zlib-acknowledgement",
"ZPL-2.0",
"ZPL-2.1",
# Not expressely listed as (A)GPL compatible in the page above, but
# according to https://opensource.org/licenses/0BSD it is a modification
# of the ISC license, which is compatible. Its text is also extremely
# simple and allows using the code for any purpose
"0BSD",
# Permissive license used by the Unicode consortium, similar in spirit
# to other permissive licenses:
# https://spdx.org/licenses/Unicode-DFS-2016.html
"Unicode-DFS-2016"
]
default = "deny"
copyleft = "allow"
unused-allowed-license = "allow"
[licenses.private]
ignore = true
# This section is considered when running `cargo deny check bans`.
# More documentation about the 'bans' section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
[bans]
multiple-versions = "warn"
highlight = "all"
skip = [
# Some parts of the ecosystem have already updated aho-corasick to v1 (e.g., the
# regex crate), but others didn't (e.g., globset). Let's ignore that for now,
# globset shouldn't stay that way for long
{ name = "aho-corasick", version = "=0.7.20" },
# This older version is pulled by the GLSL macro machinery on build-time.
# It should not affect final executables
{ name = "darling", version = "=0.14.4" },
{ name = "darling_macro", version = "=0.14.4" },
{ name = "darling_core", version = "=0.14.4" }
]
skip-tree = [
# An ancient nom is pulled by the development dependency for
# benchmarking perfcnt. Let's ignore that for now. It doesn't
# affect the final user executables at all
{ name = "perfcnt" },
# Criterion itself also pulls some older dependencies
{ name = "criterion" }
]
[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-git = [
"https://github.com/shssoichiro/oxipng"
]
[sources.allow-org]
github = ["ComunidadAylas"]