99# The values provided in this template are the default values that will be used
1010# when any section or field is not specified in your own configuration
1111
12- # If 1 or more target triples (and optionally, target_features) are specified,
13- # only the specified targets will be checked when running `cargo deny check`.
14- # This means, if a particular package is only ever used as a target specific
15- # dependency, such as, for example, the `nix` crate only being used via the
16- # `target_family = "unix"` configuration, that only having windows targets in
17- # this list would mean the nix crate, as well as any of its exclusive
18- # dependencies not shared by any other crates, would be ignored, as the target
19- # list here is effectively saying which targets you are building for.
20- targets = [
21- # The triple can be any string, but only the target triples built in to
22- # rustc (as of 1.40) can be checked against actual config expressions
23- # { triple = "x86_64-unknown-linux-musl" },
24- # You can also specify which target_features you promise are enabled for a
25- # particular target. target_features are currently not validated against
26- # the actual valid features supported by the target architecture.
27- # { triple = "wasm32-unknown-unknown", features = ["atomics"] },
28- ]
29-
3012# This section is considered when running `cargo deny check advisories`
3113# More documentation for the advisories section can be found here:
3214# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
@@ -35,16 +17,8 @@ targets = [
3517db-path = " ~/.cargo/advisory-db"
3618# The url of the advisory database to use
3719db-urls = [" https://github.com/rustsec/advisory-db"
38- # The lint level for security vulnerabilities
39- vulnerability = " deny"
40- # The lint level for unmaintained crates
41- unmaintained = " warn"
4220# The lint level for crates that have been yanked from their source registry
4321yanked = " warn"
44- # The lint level for crates with security notices. Note that as of
45- # 2019-12-17 there are no security notice advisories in
46- # https://github.com/rustsec/advisory-db
47- notice = " warn"
4822# A list of advisory IDs to ignore. Note that ignored advisories will still
4923# output a note when they are encountered.
5024ignore = [
@@ -58,44 +32,22 @@ ignore = [
5832# * Medium - CVSS Score 4.0 - 6.9
5933# * High - CVSS Score 7.0 - 8.9
6034# * Critical - CVSS Score 9.0 - 10.0
61- # severity-threshold =
35+ # severity-threshold =
6236
6337# This section is considered when running `cargo deny check licenses`
6438# More documentation for the licenses section can be found here:
6539# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
6640[licenses ]
67- # The lint level for crates which do not have a detectable license
68- unlicensed = " deny"
6941# List of explictly allowed licenses
7042# See https://spdx.org/licenses/ for list of possible licenses
7143# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
7244allow = [
7345 " MIT"
74- # "BSD-2-Clause",
75- # "BSD-3-Clause",
46+ # "BSD-2-Clause",
47+ # "BSD-3-Clause",
7648 " Apache-2.0"
7749 " Apache-2.0 WITH LLVM-exception"
7850]
79- # List of explictly disallowed licenses
80- # See https://spdx.org/licenses/ for list of possible licenses
81- # [possible values: any SPDX 3.7 short identifier (+ optional exception)].
82- deny = [
83- # "Nokia",
84- ]
85- # Lint level for licenses considered copyleft
86- copyleft = " warn"
87- # Blanket approval or denial for OSI-approved or FSF Free/Libre licenses
88- # * both - The license will be approved if it is both OSI-approved *AND* FSF
89- # * either - The license will be approved if it is either OSI-approved *OR* FSF
90- # * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF
91- # * fsf-only - The license will be approved if is FSF *AND NOT* OSI-approved
92- # * neither - This predicate is ignored and the default lint level is used
93- allow-osi-fsf-free = " neither"
94- # Lint level used when no other predicates are matched
95- # 1. License isn't in the allow or deny lists
96- # 2. License isn't copyleft
97- # 3. License isn't OSI/FSF, or allow-osi-fsf-free = "neither"
98- default = " deny"
9951# The confidence threshold for detecting a license from license text.
10052# The higher the value, the more closely the license text must be to the
10153# canonical license text of a valid SPDX license file.
@@ -106,8 +58,7 @@ confidence-threshold = 0.8
10658exceptions = [
10759 # Each entry is the crate and version constraint, and its specific allow
10860 # list
109- { allow = [" Unicode-DFS-2016" name = " unicode-ident" version = " *"
110- # { allow = ["Zlib"], name = "adler32", version = "*" },
61+ { allow = [" Unicode-3.0" name = " unicode-ident" version = " *"
11162]
11263
11364# Some crates don't have (easily) machine readable licensing information,
@@ -126,8 +77,8 @@ exceptions = [
12677# and the crate will be checked normally, which may produce warnings or errors
12778# depending on the rest of your configuration
12879# license-files = [
129- # Each entry is a crate relative path, and the (opaque) hash of its contents
130- # { path = "LICENSE", hash = 0xbd0eed23 }
80+ # Each entry is a crate relative path, and the (opaque) hash of its contents
81+ # { path = "LICENSE", hash = 0xbd0eed23 }
13182# ]
13283
13384[licenses .private ]
@@ -167,8 +118,8 @@ deny = [
167118skip = [
168119 # { name = "ansi_term", version = "=0.11.0" },
169120]
170- # Similarly to `skip` allows you to skip certain crates during duplicate
171- # detection. Unlike skip, it also includes the entire tree of transitive
121+ # Similarly to `skip` allows you to skip certain crates during duplicate
122+ # detection. Unlike skip, it also includes the entire tree of transitive
172123# dependencies starting at the specified crate, up to a certain depth, which is
173124# by default infinite
174125skip-tree = [
0 commit comments