diff --git a/.github/workflows/cargo-deny.yml b/.github/workflows/cargo-deny.yml new file mode 100644 index 00000000..ce8b072b --- /dev/null +++ b/.github/workflows/cargo-deny.yml @@ -0,0 +1,23 @@ +name: Run cargo-deny + +on: + workflow_call: + workflow_dispatch: + pull_request: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + +jobs: + cargo-deny: + runs-on: ubuntu-latest + steps: + - name: Fetch Repository + uses: actions/checkout@v4 + + - name: Install stable toolchain + uses: actions-rust-lang/setup-rust-toolchain@v1 + + - name: Cargo deny + uses: EmbarkStudios/cargo-deny-action@v1 diff --git a/.github/workflows/clear-cache.yml b/.github/workflows/clear-cache.yml new file mode 100644 index 00000000..4341240a --- /dev/null +++ b/.github/workflows/clear-cache.yml @@ -0,0 +1,16 @@ +name: Clear Cache + +permissions: + actions: write + +on: + workflow_dispatch: + +jobs: + clean-cache: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - run: gh cache delete --all + env: + GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/lint-docs.yml b/.github/workflows/lint-docs.yml index 0757aede..ede71a27 100644 --- a/.github/workflows/lint-docs.yml +++ b/.github/workflows/lint-docs.yml @@ -2,12 +2,14 @@ name: Lint Rust Documentation on: pull_request: - push: - branches: ["main"] env: CARGO_TERM_COLOR: always +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: docs: runs-on: ubuntu-latest diff --git a/.github/workflows/lint-pr-title.yml b/.github/workflows/lint-pr-title.yml index 66a18415..11aced48 100644 --- a/.github/workflows/lint-pr-title.yml +++ b/.github/workflows/lint-pr-title.yml @@ -11,6 +11,10 @@ permissions: contents: read pull-requests: write +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: main: name: Validate PR title diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index 30da5fc4..f50b524a 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -6,6 +6,10 @@ on: permissions: pull-requests: read +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: main: name: Block Autosquash Commits diff --git a/.github/workflows/lint-rust.yml b/.github/workflows/lint-rust.yml index b03fb706..b9917d52 100644 --- a/.github/workflows/lint-rust.yml +++ b/.github/workflows/lint-rust.yml @@ -7,12 +7,14 @@ permissions: on: pull_request: - push: - branches: ["main"] env: CARGO_TERM_COLOR: always +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: rustfmt: name: Check Rust Formatting @@ -23,7 +25,7 @@ jobs: - name: Set up Rust uses: dtolnay/rust-toolchain@stable with: - components: clippy + components: rustfmt - name: Run rustfmt run: cargo fmt --all --check @@ -61,3 +63,16 @@ jobs: reporter: "github-pr-review" clippy_flags: "--workspace" github_token: ${{ secrets.GITHUB_TOKEN }} + + typos-cli: + name: Check for typos + runs-on: ubuntu-latest + steps: + - name: Fetch Repository + uses: actions/checkout@v4 + - name: Install Typos + uses: taiki-e/install-action@v2 + with: + tool: typos-cli + - name: run typos + run: typos diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 170b9680..7555dac2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -2,12 +2,14 @@ name: Build and Test on: pull_request: - push: - branches: ["main"] env: CARGO_TERM_COLOR: always +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: test: strategy: @@ -42,6 +44,6 @@ jobs: target/ key: cargo-${{ runner.os }}-${{ matrix.toolchain }}-${{ hashFiles('**/Cargo.lock') }} - name: Build - run: cargo build --verbose --workspace + run: cargo build --verbose --workspace --all-features - name: Run tests - run: cargo test --verbose --workspace + run: cargo test --verbose --workspace --all-features diff --git a/about.hbs b/about.hbs new file mode 100644 index 00000000..699b3b04 --- /dev/null +++ b/about.hbs @@ -0,0 +1,70 @@ + + + + + + + +
+
+

Third Party Licenses

+

This page lists the licenses of the projects used in cargo-about.

+
+ +

Overview of licenses:

+ + +

All license text:

+ +
+ + + diff --git a/about.toml b/about.toml new file mode 100644 index 00000000..da73b628 --- /dev/null +++ b/about.toml @@ -0,0 +1,13 @@ +accepted = [ + "MIT", + "Apache-2.0", + "Apache-2.0 WITH LLVM-exception", + "BSL-1.0", + "Unicode-DFS-2016", + "BSD-3-Clause", + "BSD-2-Clause", + "Zlib", + "ISC", + "CC0-1.0", + "AGPL-3.0", +] diff --git a/deny.toml b/deny.toml new file mode 100644 index 00000000..cd5465b4 --- /dev/null +++ b/deny.toml @@ -0,0 +1,133 @@ +[graph] +all-features = false +#no-default-features = false +#features = [] + +[advisories] +# output a note when they are encountered. +ignore = [ + #"RUSTSEC-0000-0000", + #{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" }, + #"a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish + #{ crate = "a-crate-that-is-yanked@0.1.1", reason = "you can specify why you are ignoring the yanked crate" }, +] + +[licenses] +# List of explicitly allowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. +allow = [ + "MIT", + "Apache-2.0", + "Apache-2.0 WITH LLVM-exception", + "BSL-1.0", + "Unicode-DFS-2016", + "BSD-3-Clause", + "BSD-2-Clause", + "Zlib", + "ISC", + "CC0-1.0", +] +confidence-threshold = 0.8 +# Allow 1 or more licenses on a per-crate basis, so that particular licenses +# aren't accepted for every possible crate as with the normal allow list +exceptions = [ + # Each entry is the crate and version constraint, and its specific allow + # list + #{ allow = ["Zlib"], crate = "adler32" }, +] + +[bans] +# Lint level for when multiple versions of the same crate are detected +multiple-versions = "allow" # The majority of warning are coming from iced TODO: more testing is required +# Lint level for when a crate version requirement is `*` +wildcards = "allow" +# The graph highlighting used when creating dotgraphs for crates +# with multiple versions +# * lowest-version - The path to the lowest versioned duplicate is highlighted +# * simplest-path - The path to the version with the fewest edges is highlighted +# * all - Both lowest-version and simplest-path are used +highlight = "all" +# The default lint level for `default` features for crates that are members of +# the workspace that is being checked. This can be overridden by allowing/denying +# `default` on a crate-by-crate basis if desired. +workspace-default-features = "allow" +# The default lint level for `default` features for external crates that are not +# members of the workspace. This can be overridden by allowing/denying `default` +# on a crate-by-crate basis if desired. +external-default-features = "allow" +# List of crates that are allowed. Use with care! +allow = [ + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is allowed" }, +] +# List of crates to deny +deny = [ + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason it is banned" }, + # Wrapper crates can optionally be specified to allow the crate when it + # is a direct dependency of the otherwise banned crate + #{ crate = "ansi_term@0.11.0", wrappers = ["this-crate-directly-depends-on-ansi_term"] }, +] + +# List of features to allow/deny +# Each entry the name of a crate and a version range. If version is +# not specified, all versions will be matched. +#[[bans.features]] +#crate = "reqwest" +# Features to not allow +#deny = ["json"] +# Features to allow +#allow = [ +# "rustls", +# "__rustls", +# "__tls", +# "hyper-rustls", +# "rustls", +# "rustls-pemfile", +# "rustls-tls-webpki-roots", +# "tokio-rustls", +# "webpki-roots", +#] +# If true, the allowed features must exactly match the enabled feature set. If +# this is set there is no point setting `deny` +#exact = true + +# Certain crates/versions that will be skipped when doing duplicate detection. +skip = [ + #"ansi_term@0.11.0", + #{ crate = "ansi_term@0.11.0", reason = "you can specify a reason why it can't be updated/removed" }, +] +# Similarly to `skip` allows you to skip certain crates during duplicate +# detection. Unlike skip, it also includes the entire tree of transitive +# dependencies starting at the specified crate, up to a certain depth, which is +# by default infinite. +skip-tree = [ + #"ansi_term@0.11.0", # will be skipped along with _all_ of its direct and transitive dependencies + #{ crate = "ansi_term@0.11.0", depth = 20 }, +] + +# This section is considered when running `cargo deny check sources`. +# More documentation about the 'sources' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html +[sources] +# Lint level for what to happen when a crate from a crate registry that is not +# in the allow list is encountered +unknown-registry = "warn" +# Lint level for what to happen when a crate from a git repository that is not +# in the allow list is encountered +unknown-git = "warn" +# List of URLs for allowed crate registries. Defaults to the crates.io index +# if not specified. If it is specified but empty, no registries are allowed. +allow-registry = ["https://github.com/rust-lang/crates.io-index"] +# List of URLs for allowed Git repositories +allow-git = [] + +[sources.allow-org] +# 1 or more github.com organizations to allow git sources for +# github = [""] +# 1 or more gitlab.com organizations to allow git sources for +# gitlab = [""] +# 1 or more bitbucket.org organizations to allow git sources for +# bitbucket = [""] +# bitbucket = [""]