From 47d839e58ab7a555cfbbeb45f769a35f5542da45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Sun, 2 Feb 2020 11:19:12 +0200
Subject: [PATCH] Switch from cargo-audit to cargo-deny

This provides a superset of the features, including license checks.

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer-rs/issues/238
---
 .gitlab-ci.yml     |  6 +++---
 ci/install-rust.sh |  2 +-
 deny.toml          | 44 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+), 4 deletions(-)
 create mode 100644 deny.toml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5335701ad..30e0c4da0 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -35,7 +35,7 @@ stages:
 .debian:10:
   variables:
     FDO_DISTRIBUTION_VERSION: 10
-    FDO_DISTRIBUTION_TAG: '$RUST_VERSION-2020-04-16.1'
+    FDO_DISTRIBUTION_TAG: '$RUST_VERSION-2020-04-16.2'
     # Only stuff inside the repo directory can be cached
     # Override the CARGO_HOME variable to force its location
     CARGO_HOME: "${CI_PROJECT_DIR}/.cargo_home"
@@ -205,13 +205,13 @@ clippy:
       cargo clippy --color=always --manifest-path examples/Cargo.toml --all-targets --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless -A clippy::missing_safety_doc
       cargo clippy --color=always --manifest-path tutorials/Cargo.toml --all-targets --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless -A clippy::missing_safety_doc
 
-audit:
+deny:
   extends: .img-stable
   stage: 'extras'
   only:
     - schedules
   script:
-    - cargo audit --deny-warnings
+    - cargo deny check
 
 gir-checks:
   extends: .img-stable
diff --git a/ci/install-rust.sh b/ci/install-rust.sh
index 939c5bba2..6c9924924 100755
--- a/ci/install-rust.sh
+++ b/ci/install-rust.sh
@@ -19,6 +19,6 @@ rustc --version
 if [ "$RUST_VERSION" = "stable" ]; then
   rustup component add clippy-preview
   rustup component add rustfmt
-  cargo install --force cargo-audit
+  cargo install --force cargo-deny
   cargo install --force --git https://github.com/kbknapp/cargo-outdated
 fi
diff --git a/deny.toml b/deny.toml
new file mode 100644
index 000000000..867f7cf63
--- /dev/null
+++ b/deny.toml
@@ -0,0 +1,44 @@
+[advisories]
+db-path = "~/.cargo/advisory-db"
+db-url = "https://github.com/rustsec/advisory-db"
+vulnerability = "deny"
+unmaintained = "warn"
+notice = "warn"
+ignore = []
+
+[licenses]
+unlicensed = "deny"
+allow = [
+  "Apache-2.0",
+]
+deny = [
+  "GPL-1.0",
+  "GPL-2.0",
+  "GPL-3.0",
+  "AGPL-1.0",
+  "AGPL-3.0",
+]
+copyleft = "deny"
+allow-osi-fsf-free = "either"
+confidence-threshold = 0.8
+
+[bans]
+multiple-versions = "warn"
+highlight = "all"
+
+[sources]
+unknown-registry = "deny"
+unknown-git = "deny"
+allow-git = [
+  "https://gitlab.freedesktop.org/gstreamer/gstreamer-rs-sys",
+  "https://github.com/gtk-rs/sys",
+  "https://github.com/gtk-rs/glib",
+  "https://github.com/gtk-rs/gio",
+  "https://github.com/gtk-rs/cairo",
+  "https://github.com/gtk-rs/pango",
+  "https://github.com/gtk-rs/pangocairo",
+  "https://github.com/gtk-rs/atk",
+  "https://github.com/gtk-rs/gdk-pixbuf",
+  "https://github.com/gtk-rs/gdk",
+  "https://github.com/gtk-rs/gtk",
+]