-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathdeny.toml
More file actions
38 lines (35 loc) · 1.03 KB
/
Copy pathdeny.toml
File metadata and controls
38 lines (35 loc) · 1.03 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[advisories]
# Reject crates with known security vulnerabilities
version = 2
ignore = [
# number_prefix (transitive dep of indicatif) is unmaintained; no safe
# upgrade exists at this time. Tracked: RUSTSEC-2025-0119.
{ id = "RUSTSEC-2025-0119", reason = "Transitive dep of indicatif; no safe upgrade available upstream" },
{ id = "RUSTSEC-2026-0067", reason = "Fixed in tar 0.4.46; pinned above" },
{ id = "RUSTSEC-2026-0068", reason = "Fixed in tar 0.4.46; pinned above" },
]
[licenses]
version = 2
allow = [
"Apache-2.0",
"Apache-2.0 WITH LLVM-exception",
"MIT",
"MIT-0",
"BSD-2-Clause",
"Unlicense",
"0BSD",
"CC0-1.0",
"Zlib",
"Unicode-3.0",
"MPL-2.0",
]
# Confidence threshold for license text matching
confidence-threshold = 0.8
[bans]
# Lint level for when multiple versions of the same crate are detected
multiple-versions = "warn"
wildcards = "allow"
[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]