2020-04-16 11:03:28 +00:00
|
|
|
[advisories]
|
|
|
|
db-path = "~/.cargo/advisory-db"
|
2020-11-20 08:03:52 +00:00
|
|
|
db-urls = ["https://github.com/rustsec/advisory-db"]
|
2020-04-16 11:03:28 +00:00
|
|
|
vulnerability = "deny"
|
|
|
|
unmaintained = "warn"
|
|
|
|
notice = "warn"
|
2020-06-05 09:33:13 +00:00
|
|
|
ignore = [
|
2022-01-12 15:47:47 +00:00
|
|
|
# Waiting for https://github.com/librespot-org/librespot/issues/937
|
|
|
|
"RUSTSEC-2021-0059",
|
|
|
|
"RUSTSEC-2021-0060",
|
|
|
|
"RUSTSEC-2021-0061",
|
2022-11-28 08:58:03 +00:00
|
|
|
"RUSTSEC-2021-0145",
|
2022-06-06 08:58:46 +00:00
|
|
|
# https://github.com/chronotope/chrono/issues/499
|
|
|
|
"RUSTSEC-2020-0071",
|
2022-08-16 10:24:04 +00:00
|
|
|
# sodiumoxide is deprecated
|
|
|
|
"RUSTSEC-2021-0137",
|
2020-06-05 09:33:13 +00:00
|
|
|
]
|
2020-04-16 11:03:28 +00:00
|
|
|
|
|
|
|
[licenses]
|
|
|
|
unlicensed = "deny"
|
|
|
|
allow = [
|
|
|
|
"Apache-2.0",
|
|
|
|
]
|
|
|
|
deny = [
|
|
|
|
"GPL-1.0",
|
|
|
|
"GPL-2.0",
|
|
|
|
"GPL-3.0",
|
|
|
|
"AGPL-1.0",
|
|
|
|
"AGPL-3.0",
|
|
|
|
]
|
|
|
|
copyleft = "allow"
|
|
|
|
allow-osi-fsf-free = "either"
|
|
|
|
confidence-threshold = 0.8
|
|
|
|
|
2021-12-09 10:04:11 +00:00
|
|
|
[[licenses.clarify]]
|
2022-06-21 06:44:57 +00:00
|
|
|
name = "ring"
|
2021-12-09 10:04:11 +00:00
|
|
|
version = "*"
|
2022-06-21 06:44:57 +00:00
|
|
|
expression = "OpenSSL"
|
2021-12-09 10:04:11 +00:00
|
|
|
license-files = [
|
2022-06-21 06:44:57 +00:00
|
|
|
{ path = "LICENSE", hash = 0xbd0eed23 }
|
2021-12-09 10:04:11 +00:00
|
|
|
]
|
|
|
|
|
2020-04-16 11:03:28 +00:00
|
|
|
[bans]
|
2020-04-28 10:16:08 +00:00
|
|
|
multiple-versions = "deny"
|
2020-04-16 11:03:28 +00:00
|
|
|
highlight = "all"
|
2020-08-10 06:51:52 +00:00
|
|
|
wildcards = "allow"
|
2020-04-16 11:03:28 +00:00
|
|
|
|
2020-05-29 09:22:52 +00:00
|
|
|
# ignore duplicated deps because of chrono, cookie, cookie_store, hyper,
|
|
|
|
# hyperx, reqwest depending on old time
|
|
|
|
# https://github.com/chronotope/chrono/issues/400
|
|
|
|
# https://github.com/pfernie/cookie_store/issues/11
|
|
|
|
# https://github.com/hyperium/hyper/pull/2139
|
|
|
|
# https://github.com/dekellum/hyperx/issues/21
|
|
|
|
# https://github.com/seanmonstar/reqwest/issues/934
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "time"
|
|
|
|
version = "0.1"
|
|
|
|
|
2021-09-11 05:45:25 +00:00
|
|
|
# ignore duplicated crc dependency because ffv1 depends on an old version
|
|
|
|
# https://github.com/rust-av/ffv1/issues/21
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "crc"
|
|
|
|
version = "1.8"
|
|
|
|
|
2022-12-19 07:54:50 +00:00
|
|
|
# Ignore various duplicated dependencies because librespot depends on an old versions
|
2022-02-12 10:40:00 +00:00
|
|
|
[[bans.skip]]
|
|
|
|
name = "block-buffer"
|
|
|
|
version = "0.9"
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "digest"
|
|
|
|
version = "0.9"
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "sha-1"
|
|
|
|
version = "0.9"
|
2022-12-19 07:54:50 +00:00
|
|
|
[[bans.skip]]
|
|
|
|
name = "env_logger"
|
|
|
|
version = "0.9"
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "hmac"
|
|
|
|
version = "0.11"
|
2022-02-12 10:40:00 +00:00
|
|
|
|
2022-03-14 09:49:04 +00:00
|
|
|
# ignore duplicated wasi dependency because various crates depends on an old version
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "wasi"
|
|
|
|
version = "0.10"
|
|
|
|
|
2022-07-11 15:30:54 +00:00
|
|
|
# ignore duplicated spin dependency because various crates depend on an old version
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "spin"
|
|
|
|
version = "0.5"
|
|
|
|
|
2022-10-25 07:54:29 +00:00
|
|
|
# cookie_store depends on older idna
|
|
|
|
# https://github.com/pfernie/cookie_store/commit/b9c710f45550c5c8997f18a83e6fcc5998cf1726
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "idna"
|
|
|
|
version = "0.2"
|
|
|
|
|
2022-11-28 08:58:03 +00:00
|
|
|
# field-offset and nix depend on an older memoffset
|
|
|
|
# https://github.com/Diggsey/rust-field-offset/pull/23
|
|
|
|
# https://github.com/nix-rust/nix/pull/1885
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "memoffset"
|
|
|
|
version = "0.6"
|
|
|
|
|
|
|
|
# Various crates depend on an older version of hermit-abi
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "hermit-abi"
|
|
|
|
version = "0.1"
|
2023-06-30 08:12:52 +00:00
|
|
|
|
2023-01-11 08:30:45 +00:00
|
|
|
# Various crates depend on an older version of base64
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "base64"
|
|
|
|
version = "0.13"
|
|
|
|
|
2023-03-01 12:00:26 +00:00
|
|
|
# Various crates depend on an older version of socket2
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "socket2"
|
|
|
|
version = "0.4"
|
|
|
|
|
2023-03-19 16:39:02 +00:00
|
|
|
# Various crates depend on an older version of syn
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "syn"
|
|
|
|
version = "1.0"
|
|
|
|
|
2023-07-07 06:08:50 +00:00
|
|
|
# Various crates depend on an older version of bitflags
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "bitflags"
|
|
|
|
version = "1.0"
|
|
|
|
|
2023-03-27 08:19:21 +00:00
|
|
|
# cargo-lock depends on an old version of the toml crate
|
|
|
|
# https://github.com/rustsec/rustsec/pull/805
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "toml"
|
|
|
|
version = "0.5"
|
|
|
|
|
2023-03-31 08:48:11 +00:00
|
|
|
# Various crates depend on an older version of redox_syscall
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "redox_syscall"
|
|
|
|
version = "0.2"
|
|
|
|
|
2023-04-21 09:58:01 +00:00
|
|
|
# tracing-subscriber depends on an older version of regex-syntax
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "regex-syntax"
|
|
|
|
version = "0.6"
|
|
|
|
|
2023-06-09 06:42:10 +00:00
|
|
|
# publicsuffix depends on an older version of idna
|
|
|
|
# https://github.com/rushmorem/publicsuffix/pull/39
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "idna"
|
|
|
|
version = "0.3"
|
|
|
|
|
2023-06-26 11:24:08 +00:00
|
|
|
# Various crates depend on an older version of indexmap / hashbrown
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "indexmap"
|
|
|
|
version = "1.0"
|
2023-06-15 07:16:43 +00:00
|
|
|
[[bans.skip]]
|
2023-06-26 11:24:08 +00:00
|
|
|
name = "hashbrown"
|
|
|
|
version = "0.12"
|
2023-06-15 07:16:43 +00:00
|
|
|
|
2023-06-27 07:58:57 +00:00
|
|
|
# av1-grain depends on an old version of itertools
|
|
|
|
# https://github.com/rust-av/av1-grain/pull/12
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "itertools"
|
|
|
|
version = "0.10"
|
|
|
|
|
2023-07-06 05:55:14 +00:00
|
|
|
# rav1e depends on an old version of num-derive
|
|
|
|
# https://github.com/xiph/rav1e/pull/3237
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "num-derive"
|
|
|
|
version = "0.3"
|
|
|
|
|
|
|
|
# matchers depends on an old version of regex-automata
|
|
|
|
[[bans.skip]]
|
|
|
|
name = "regex-automata"
|
|
|
|
version = "0.1"
|
|
|
|
|
2020-04-16 11:03:28 +00:00
|
|
|
[sources]
|
|
|
|
unknown-registry = "deny"
|
|
|
|
unknown-git = "deny"
|
|
|
|
allow-git = [
|
|
|
|
"https://gitlab.freedesktop.org/gstreamer/gstreamer-rs",
|
2021-05-14 07:47:52 +00:00
|
|
|
"https://github.com/gtk-rs/gtk-rs-core",
|
2021-10-14 07:03:17 +00:00
|
|
|
"https://github.com/gtk-rs/gtk4-rs",
|
2021-09-10 06:20:31 +00:00
|
|
|
"https://github.com/rust-av/ffv1",
|
2020-04-16 11:03:28 +00:00
|
|
|
"https://github.com/rust-av/flavors",
|
|
|
|
]
|