-
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathdeny.toml
More file actions
59 lines (54 loc) · 2.17 KB
/
deny.toml
File metadata and controls
59 lines (54 loc) · 2.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
[licenses]
# Permissive / weakly-copyleft licenses, all compatible with
# html-generator's own `MIT OR Apache-2.0` distribution:
#
# * MIT, Apache-2.0 — html-generator itself.
# * MITNFA — "MIT +no-false-attribs"; `fmt2io` (via comrak).
# * BSD-2-Clause — `comrak` itself (now a direct dev-dep for the
# comparative bench suite).
# * ISC — permissive; transitive (e.g. via libloading).
# * MPL-2.0 — file-scoped weak copyleft; `cssparser` (via
# lightningcss → minify-html).
# * Unicode-3.0 and `Unicode-DFS-2016` — Unicode data licenses
# (e.g. via icu, idna).
# * Apache-2.0 WITH LLVM-exception OR BSL-1.0 — alternative
# permissive licenses on `target-lexicon`-style crates.
# * `(MIT OR Apache-2.0) AND Unicode-3.0` — combo on Unicode
# data crates that re-license but include Unicode tables.
allow = [
"MIT",
"Apache-2.0",
"MITNFA",
"BSD-2-Clause",
"ISC",
"MPL-2.0",
"Unicode-3.0",
"BSL-1.0",
]
# `WITH LLVM-exception` (Apache-2.0 + LLVM Exception) on `target-lexicon`
# style crates. cargo-deny treats `WITH` clauses via this field rather
# than the main `allow` list.
exceptions = [
{ name = "target-lexicon", allow = ["Apache-2.0 WITH LLVM-exception"] },
]
[bans]
# Lint level for when multiple versions of the same crate are detected
multiple-versions = "warn"
# The graph highlighting used when creating dotgraphs for crates with multiple versions
# Options: "lowest-version", "simplest-path", "all"
highlight = "all"
# Certain crates/versions that will be skipped when doing duplicate detection.
skip = []
# Similarly to `skip` allows you to skip certain crates during duplicate detection, unlike skip, it also includes the entire tree of transitive dependencies starting at the specified crate, up to a certain depth, which is by default infinite
skip-tree = []
[advisories]
# List of advisory IDs to ignore.
#
# RUSTSEC-2025-0141 (bincode 1.x): unmaintained — transitive dep of
# syntect (via comrak/mdx-gen), no direct replacement available.
# RUSTSEC-2024-0320 (yaml-rust): unmaintained — transitive dep of
# syntect (via comrak/mdx-gen), no direct replacement available.
ignore = [
"RUSTSEC-2025-0141",
"RUSTSEC-2024-0320",
]