mirror of
https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs.git
synced 2024-11-22 11:30:59 +00:00
185 lines
4.4 KiB
TOML
185 lines
4.4 KiB
TOML
[advisories]
|
|
db-path = "~/.cargo/advisory-db"
|
|
db-urls = ["https://github.com/rustsec/advisory-db"]
|
|
vulnerability = "deny"
|
|
unmaintained = "warn"
|
|
notice = "warn"
|
|
ignore = [
|
|
# Waiting for https://github.com/librespot-org/librespot/issues/937
|
|
"RUSTSEC-2021-0059",
|
|
"RUSTSEC-2021-0060",
|
|
"RUSTSEC-2021-0061",
|
|
"RUSTSEC-2021-0145",
|
|
# https://github.com/chronotope/chrono/issues/499
|
|
"RUSTSEC-2020-0071",
|
|
# sodiumoxide is deprecated
|
|
"RUSTSEC-2021-0137",
|
|
# https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/issues/256
|
|
"RUSTSEC-2022-0048",
|
|
]
|
|
|
|
[licenses]
|
|
unlicensed = "deny"
|
|
allow = [
|
|
"Apache-2.0",
|
|
]
|
|
deny = [
|
|
"GPL-1.0",
|
|
"GPL-2.0",
|
|
"GPL-3.0",
|
|
"AGPL-1.0",
|
|
"AGPL-3.0",
|
|
]
|
|
copyleft = "allow"
|
|
allow-osi-fsf-free = "either"
|
|
confidence-threshold = 0.8
|
|
|
|
[[licenses.clarify]]
|
|
name = "ring"
|
|
version = "*"
|
|
expression = "OpenSSL"
|
|
license-files = [
|
|
{ path = "LICENSE", hash = 0xbd0eed23 }
|
|
]
|
|
|
|
[bans]
|
|
multiple-versions = "deny"
|
|
highlight = "all"
|
|
wildcards = "allow"
|
|
|
|
# ignore duplicated deps because of chrono, cookie, cookie_store, hyper,
|
|
# hyperx, reqwest depending on old time
|
|
# https://github.com/chronotope/chrono/issues/400
|
|
# https://github.com/pfernie/cookie_store/issues/11
|
|
# https://github.com/hyperium/hyper/pull/2139
|
|
# https://github.com/dekellum/hyperx/issues/21
|
|
# https://github.com/seanmonstar/reqwest/issues/934
|
|
[[bans.skip]]
|
|
name = "time"
|
|
version = "0.1"
|
|
|
|
# ignore duplicated rustc_version dependency because rav1e depends on an old version
|
|
[[bans.skip]]
|
|
name = "rustc_version"
|
|
version = "0.3"
|
|
[[bans.skip]]
|
|
name = "semver"
|
|
version = "0.11"
|
|
|
|
# ignore duplicated system-deps dependency because rav1e depends on an old version
|
|
[[bans.skip]]
|
|
name = "system-deps"
|
|
version = "3"
|
|
[[bans.skip]]
|
|
name = "version-compare"
|
|
version = "0.0"
|
|
[[bans.skip]]
|
|
name = "cfg-expr"
|
|
version = "0.7"
|
|
|
|
# ignore duplicated crc dependency because ffv1 depends on an old version
|
|
# https://github.com/rust-av/ffv1/issues/21
|
|
[[bans.skip]]
|
|
name = "crc"
|
|
version = "1.8"
|
|
|
|
# ignore duplicated heck dependency because various crates depend on an old version
|
|
[[bans.skip]]
|
|
name = "heck"
|
|
version = "0.3"
|
|
|
|
# ignore duplicated sha-1/digest/block-buffer dependencies because librespot depends on an old version
|
|
[[bans.skip]]
|
|
name = "block-buffer"
|
|
version = "0.9"
|
|
[[bans.skip]]
|
|
name = "digest"
|
|
version = "0.9"
|
|
[[bans.skip]]
|
|
name = "sha-1"
|
|
version = "0.9"
|
|
|
|
# ignore duplicated wasi dependency because various crates depends on an old version
|
|
[[bans.skip]]
|
|
name = "wasi"
|
|
version = "0.10"
|
|
|
|
# ignore duplicated spin dependency because various crates depend on an old version
|
|
[[bans.skip]]
|
|
name = "spin"
|
|
version = "0.5"
|
|
|
|
# Various crates depend on older versions of the windows crates
|
|
[[bans.skip]]
|
|
name = "windows-sys"
|
|
version = "0.36"
|
|
[[bans.skip]]
|
|
name = "windows_aarch64_msvc"
|
|
version = "0.36"
|
|
[[bans.skip]]
|
|
name = "windows_i686_gnu"
|
|
version = "0.36"
|
|
[[bans.skip]]
|
|
name = "windows_i686_msvc"
|
|
version = "0.36"
|
|
[[bans.skip]]
|
|
name = "windows_x86_64_gnu"
|
|
version = "0.36"
|
|
[[bans.skip]]
|
|
name = "windows_x86_64_msvc"
|
|
version = "0.36"
|
|
|
|
# Various crates depend on older miniz_oxide
|
|
# https://github.com/rust-lang/backtrace-rs/pull/483
|
|
# https://github.com/rust-lang/flate2-rs/pull/317
|
|
# https://github.com/image-rs/image-png/pull/355
|
|
[[bans.skip]]
|
|
name = "miniz_oxide"
|
|
version = "0.5"
|
|
|
|
# cookie_store depends on older idna
|
|
# https://github.com/pfernie/cookie_store/commit/b9c710f45550c5c8997f18a83e6fcc5998cf1726
|
|
[[bans.skip]]
|
|
name = "idna"
|
|
version = "0.2"
|
|
|
|
# async-io / async-channel depend on an old version of concurrent-queue
|
|
# https://github.com/smol-rs/async-channel/pull/50
|
|
# https://github.com/smol-rs/async-io/pull/99
|
|
[[bans.skip]]
|
|
name = "concurrent-queue"
|
|
version = "1"
|
|
|
|
# image depends on older gif
|
|
# https://github.com/image-rs/image/pull/1826
|
|
[[bans.skip]]
|
|
name = "gif"
|
|
version = "0.11"
|
|
|
|
# field-offset and nix depend on an older memoffset
|
|
# https://github.com/Diggsey/rust-field-offset/pull/23
|
|
# https://github.com/nix-rust/nix/pull/1885
|
|
[[bans.skip]]
|
|
name = "memoffset"
|
|
version = "0.6"
|
|
|
|
# librespot depends on an older env_logger
|
|
[[bans.skip]]
|
|
name = "env_logger"
|
|
version = "0.9"
|
|
|
|
# Various crates depend on an older version of hermit-abi
|
|
[[bans.skip]]
|
|
name = "hermit-abi"
|
|
version = "0.1"
|
|
|
|
[sources]
|
|
unknown-registry = "deny"
|
|
unknown-git = "deny"
|
|
allow-git = [
|
|
"https://gitlab.freedesktop.org/gstreamer/gstreamer-rs",
|
|
"https://github.com/gtk-rs/gtk-rs-core",
|
|
"https://github.com/gtk-rs/gtk4-rs",
|
|
"https://github.com/rust-av/ffv1",
|
|
"https://github.com/rust-av/flavors",
|
|
]
|