gst-plugins-rs/deny.toml

[advisories]
db-path = "~/.cargo/advisory-db"
db-urls = ["https://github.com/rustsec/advisory-db"]
vulnerability = "deny"
unmaintained = "warn"
notice = "warn"
ignore = [
    # Waiting for https://github.com/chronotope/chrono/pull/578
    "RUSTSEC-2020-0071",
    "RUSTSEC-2020-0159",
]

[licenses]
unlicensed = "deny"
allow = [
  "Apache-2.0",
]
deny = [
  "GPL-1.0",
  "GPL-2.0",
  "GPL-3.0",
  "AGPL-1.0",
  "AGPL-3.0",
]
copyleft = "allow"
allow-osi-fsf-free = "either"
confidence-threshold = 0.8

# https://github.com/hsivonen/encoding_rs/issues/75
[[licenses.clarify]]
name = "encoding_rs"
version = "*"
expression = "(Apache-2.0 OR MIT) AND BSD-3-Clause"
license-files = [
    { path = "COPYRIGHT", hash = 0x39f8ad31 }
]

[bans]
multiple-versions = "deny"
highlight = "all"
wildcards = "allow"

# ignore duplicated deps because of chrono, cookie, cookie_store, hyper,
# hyperx, reqwest depending on old time
# https://github.com/chronotope/chrono/issues/400
# https://github.com/pfernie/cookie_store/issues/11
# https://github.com/hyperium/hyper/pull/2139
# https://github.com/dekellum/hyperx/issues/21
# https://github.com/seanmonstar/reqwest/issues/934
[[bans.skip]]
name = "time"
version = "0.1"

# ignore duplicated textwrap dependency because clap depends on an old version
# https://github.com/clap-rs/clap/pull/1994
[[bans.skip]]
name = "textwrap"
version = "0.11"

# ignore duplicated cfg-if dependency because a few dozen dependencies still
# pull in the old version
[[bans.skip]]
name = "cfg-if"
version = "0.1"

# ignore duplicated nom dependency because cexpr depends on an old version
# https://github.com/jethrogb/rust-cexpr/issues/26
[[bans.skip]]
name = "nom"
version = "5"

# ignore duplicated rustc_version dependency because various crates depend on an old version
[[bans.skip]]
name = "rustc_version"
version = "0.2"
[[bans.skip]]
name = "semver"
version = "0.9"
[[bans.skip]]
name = "semver-parser"
version = "0.7"

# ignore duplicated rustc_version dependency because rav1e depends on an old version
[[bans.skip]]
name = "rustc_version"
version = "0.3"
[[bans.skip]]
name = "semver"
version = "0.11"

# ignore duplicated num-rational dependency because image depends on an old version
# https://github.com/image-rs/image/pull/1451
[[bans.skip]]
name = "num-rational"
version = "0.3"

# ignore duplicated system-deps dependency because dav1d depends on an old version
[[bans.skip]]
name = "system-deps"
version = "3"

[[bans.skip]]
name = "version-compare"
version = "0.0"

[[bans.skip]]
name = "cfg-expr"
version = "0.7"

# ignore duplicated crc dependency because ffv1 depends on an old version
# https://github.com/rust-av/ffv1/issues/21
[[bans.skip]]
name = "crc"
version = "1.8"

# ignore duplicated itoa dependency because http/hyper/serde_urlencoded depend on an old version
[[bans.skip]]
name = "itoa"
version = "0.4"

# ignore duplicated heck dependency because various crates depend on an old version
[[bans.skip]]
name = "heck"
version = "0.3"

[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-git = [
  "https://gitlab.freedesktop.org/gstreamer/gstreamer-rs",
  "https://github.com/gtk-rs/gtk-rs-core",
  "https://github.com/gtk-rs/gtk4-rs",
  "https://github.com/rust-av/ffv1",
  "https://github.com/rust-av/flavors",
]
ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00			`[advisories]`
			`db-path = "~/.cargo/advisory-db"`
deny: Update 2020-11-20 08:03:52 +00:00			`db-urls = ["https://github.com/rustsec/advisory-db"]`
ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00			`vulnerability = "deny"`
			`unmaintained = "warn"`
			`notice = "warn"`
deny: Update to pass again 2020-06-05 09:33:13 +00:00			`ignore = [`
deny: Ignore RUSTSEC-2020-0071 for now Waiting for https://github.com/chronotope/chrono/pull/578 2021-10-18 06:46:27 +00:00			`# Waiting for https://github.com/chronotope/chrono/pull/578`
			`"RUSTSEC-2020-0071",`
deny: Also ignore RUSTSEC-2020-0159 for now Also waiting for https://github.com/chronotope/chrono/pull/578 2021-10-19 06:44:54 +00:00			`"RUSTSEC-2020-0159",`
deny: Update to pass again 2020-06-05 09:33:13 +00:00			`]`
ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00
			`[licenses]`
			`unlicensed = "deny"`
			`allow = [`
			`"Apache-2.0",`
			`]`
			`deny = [`
			`"GPL-1.0",`
			`"GPL-2.0",`
			`"GPL-3.0",`
			`"AGPL-1.0",`
			`"AGPL-3.0",`
			`]`
			`copyleft = "allow"`
			`allow-osi-fsf-free = "either"`
			`confidence-threshold = 0.8`

deny: Clarify license of encoding_rs See https://github.com/hsivonen/encoding_rs/issues/75 2021-12-09 10:04:11 +00:00			`# https://github.com/hsivonen/encoding_rs/issues/75`
			`[[licenses.clarify]]`
			`name = "encoding_rs"`
			`version = "*"`
			`expression = "(Apache-2.0 OR MIT) AND BSD-3-Clause"`
			`license-files = [`
			`{ path = "COPYRIGHT", hash = 0x39f8ad31 }`
			`]`

ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00			`[bans]`
deny: fail on multiple versions Will ensure to keep the ignore list up to date. 2020-04-28 10:16:08 +00:00			`multiple-versions = "deny"`
ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00			`highlight = "all"`
deny: Update configuration 2020-08-10 06:51:52 +00:00			`wildcards = "allow"`
ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00
deny: Skip various duplicated deps until our dependencies are updated 2020-05-29 09:22:52 +00:00			`# ignore duplicated deps because of chrono, cookie, cookie_store, hyper,`
			`# hyperx, reqwest depending on old time`
			`# https://github.com/chronotope/chrono/issues/400`
			`# https://github.com/pfernie/cookie_store/issues/11`
			`# https://github.com/hyperium/hyper/pull/2139`
			`# https://github.com/dekellum/hyperx/issues/21`
			`# https://github.com/seanmonstar/reqwest/issues/934`
			`[[bans.skip]]`
			`name = "time"`
			`version = "0.1"`

deny: Update for latest version of dependencies 2020-06-30 08:02:23 +00:00			`# ignore duplicated textwrap dependency because clap depends on an old version`
			`# https://github.com/clap-rs/clap/pull/1994`
			`[[bans.skip]]`
			`name = "textwrap"`
			`version = "0.11"`

deny: Update 2020-10-10 08:17:56 +00:00			`# ignore duplicated cfg-if dependency because a few dozen dependencies still`
			`# pull in the old version`
			`[[bans.skip]]`
			`name = "cfg-if"`
			`version = "0.1"`

hlssink3: Update to m3u8-rs 3 This uses nom 7 now. 2021-11-18 19:44:09 +00:00			`# ignore duplicated nom dependency because cexpr depends on an old version`
deny: Update 2020-11-20 08:03:52 +00:00			`# https://github.com/jethrogb/rust-cexpr/issues/26`
			`[[bans.skip]]`
			`name = "nom"`
			`version = "5"`

deny.toml: Update 2021-01-16 08:19:51 +00:00			`# ignore duplicated rustc_version dependency because various crates depend on an old version`
deny: Update 2021-01-09 10:46:09 +00:00			`[[bans.skip]]`
deny.toml: Update 2021-01-16 08:19:51 +00:00			`name = "rustc_version"`
deny: Update 2021-01-09 10:46:09 +00:00			`version = "0.2"`
			`[[bans.skip]]`
deny.toml: Update 2021-01-16 08:19:51 +00:00			`name = "semver"`
			`version = "0.9"`
deny: Update 2021-01-09 10:46:09 +00:00			`[[bans.skip]]`
deny.toml: Update 2021-01-16 08:19:51 +00:00			`name = "semver-parser"`
			`version = "0.7"`
deny: Update 2021-01-09 10:46:09 +00:00
deny: Update 2021-06-08 05:52:31 +00:00			`# ignore duplicated rustc_version dependency because rav1e depends on an old version`
			`[[bans.skip]]`
			`name = "rustc_version"`
			`version = "0.3"`
			`[[bans.skip]]`
			`name = "semver"`
			`version = "0.11"`

deny: Update 2021-03-10 09:07:39 +00:00			`# ignore duplicated num-rational dependency because image depends on an old version`
			`# https://github.com/image-rs/image/pull/1451`
			`[[bans.skip]]`
			`name = "num-rational"`
			`version = "0.3"`

deny.toml: Update 2021-09-01 05:58:59 +00:00			`# ignore duplicated system-deps dependency because dav1d depends on an old version`
deny.toml: Update 2021-08-26 06:24:54 +00:00			`[[bans.skip]]`
deny.toml: Update 2021-09-01 05:58:59 +00:00			`name = "system-deps"`
			`version = "3"`
hlssink3: Update to m3u8-rs 3 This uses nom 7 now. 2021-11-18 19:44:09 +00:00
			`[[bans.skip]]`
			`name = "version-compare"`
			`version = "0.0"`

deny.toml: Update 2021-09-01 05:58:59 +00:00			`[[bans.skip]]`
			`name = "cfg-expr"`
deny: Update 2021-11-17 08:16:18 +00:00			`version = "0.7"`
deny.toml: Update 2021-08-26 06:24:54 +00:00
deny: Update 2021-09-11 05:45:25 +00:00			`# ignore duplicated crc dependency because ffv1 depends on an old version`
			`# https://github.com/rust-av/ffv1/issues/21`
			`[[bans.skip]]`
			`name = "crc"`
			`version = "1.8"`

deny: Update 2021-12-15 10:47:08 +00:00			`# ignore duplicated itoa dependency because http/hyper/serde_urlencoded depend on an old version`
			`[[bans.skip]]`
			`name = "itoa"`
			`version = "0.4"`

deny: Update 2021-12-18 08:08:48 +00:00			`# ignore duplicated heck dependency because various crates depend on an old version`
			`[[bans.skip]]`
			`name = "heck"`
			`version = "0.3"`

ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00			`[sources]`
			`unknown-registry = "deny"`
			`unknown-git = "deny"`
			`allow-git = [`
			`"https://gitlab.freedesktop.org/gstreamer/gstreamer-rs",`
deny: Update for gtk-rs-core URI 2021-05-14 07:47:52 +00:00			`"https://github.com/gtk-rs/gtk-rs-core",`
deny: Add gtk4-rs repo URL to `allow-git` 2021-10-14 07:03:17 +00:00			`"https://github.com/gtk-rs/gtk4-rs",`
video: Add a new ffv1 decoder plugin 2021-09-10 06:20:31 +00:00			`"https://github.com/rust-av/ffv1",`
ci: switch from cargo-audit to cargo-deny Fix #110 2020-04-16 11:03:28 +00:00			`"https://github.com/rust-av/flavors",`
			`]`