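# Copyright (c) 2023 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# cargo-deny policy file: advisory, license, ban and source checks over the
# dependency graph. Each section below is read by the matching
# `cargo deny check <section>` run.
#
# Note that all fields that take a lint level have these possible values:
# * deny - An error will be produced and the check will fail
# * warn - A warning will be produced, but the check will not fail
# * allow - No warning or error will be produced, though in some cases a note
# will be
#
# NOTE(review): several lint-level keys used below (`vulnerability`, `notice`,
# `unlicensed`, `copyleft`, `allow-osi-fsf-free`, `default`) were deprecated in
# later cargo-deny releases. Confirm this file against the cargo-deny version
# that CI actually runs, so that a tool upgrade does not silently change or
# reject the policy.

# This section is considered when running `cargo deny check advisories`
# More documentation for the advisories section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
[advisories]
# The lint level for security vulnerabilities
vulnerability = "deny"
# The lint level for unmaintained crates
# NOTE(review): "warn" means an unmaintained dependency never fails the check;
# someone has to read the warnings for this to have any effect.
unmaintained = "warn"
# The lint level for crates that have been yanked from their source registry
# NOTE(review): "warn" lets a build pass with a yanked version in the lockfile.
# Consider "deny" if CI should block on yanked releases.
yanked = "warn"
# The lint level for crates with security notices. Note that as of
# 2019-12-17 there are no security notice advisories in
# https://github.com/rustsec/advisory-db
notice = "warn"
# A list of advisory IDs to ignore. Note that ignored advisories will still
# output a note when they are encountered.
#
# Every entry added here suppresses a finding for the whole dependency graph,
# so record the reason next to the ID and remove the entry once the affected
# crate is upgraded.
#
# e.g. "RUSTSEC-0000-0000",
ignore = [
]

# This section is considered when running `cargo deny check licenses`
# More documentation for the licenses section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
[licenses]
# Crates with no detectable license fail the check.
unlicensed = "deny"
# List of explicitly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
#
# With `copyleft = "deny"`, `allow-osi-fsf-free = "neither"` and
# `default = "deny"` below, this list is the complete set of accepted
# licenses: anything not named here fails the check.
allow = [
    "MIT",
    "Apache-2.0",
    "Unicode-DFS-2016",
    #"Apache-2.0 WITH LLVM-exception",
]
# List of explicitly disallowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
deny = [
]
# Lint level for licenses considered copyleft
copyleft = "deny"
# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses
# * both - The license will be approved if it is both OSI-approved *AND* FSF
# * either - The license will be approved if it is either OSI-approved *OR* FSF
# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF
# * fsf-only - The license will be approved if is FSF *AND NOT* OSI-approved
# * neither - This predicate is ignored and the default lint level is used
allow-osi-fsf-free = "neither"
# Lint level used when no other predicates are matched
# 1. License isn't in the allow or deny lists
# 2. License isn't copyleft
# 3. License isn't OSI/FSF, or allow-osi-fsf-free = "neither"
default = "deny"
# The confidence threshold for detecting a license from license text.
# The higher the value, the more closely the license text must be to the
# canonical license text of a valid SPDX license file.
# [possible values: any between 0.0 and 1.0].
confidence-threshold = 0.8
# Allow 1 or more licenses on a per-crate basis, so that particular licenses
# aren't accepted for every possible crate as with the normal allow list
exceptions = [
    # Each entry is the crate and version constraint, and its specific allow
    # list
    #{ allow = ["Zlib"], name = "adler32", version = "*" },
]

[licenses.private]
# If true, ignores workspace crates that aren't published, or are only
# published to private registries.
# To see how to mark a crate as unpublished (to the official registry),
# visit https://doc.rust-lang.org/cargo/reference/manifest.html#the-publish-field.
ignore = true

# This section is considered when running `cargo deny check bans`.
# More documentation about the 'bans' section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
[bans]
# Lint level for when multiple versions of the same crate are detected
multiple-versions = "warn"
# Lint level for when a crate version requirement is `*`
# "deny" keeps an unbounded `*` requirement out of the manifests, so a
# dependency cannot float to an arbitrary future release.
wildcards = "deny"
# The graph highlighting used when creating dotgraphs for crates
# with multiple versions
# * lowest-version - The path to the lowest versioned duplicate is highlighted
# * simplest-path - The path to the version with the fewest edges is highlighted
# * all - Both lowest-version and simplest-path are used
highlight = "all"
# The default lint level for `default` features for crates that are members of
# the workspace that is being checked. This can be overridden by allowing/denying
# `default` on a crate-by-crate basis if desired.
workspace-default-features = "allow"
# The default lint level for `default` features for external crates that are not
# members of the workspace. This can be overridden by allowing/denying `default`
# on a crate-by-crate basis if desired.
external-default-features = "allow"
# List of crates that are allowed. Use with care!
# Once this list has at least one entry, cargo-deny treats every crate that is
# not listed as denied, so it is left empty here.
allow = [
    #{ name = "ansi_term", version = "=0.11.0" },
]
# List of crates to deny
deny = [
    # Each entry the name of a crate and a version range. If version is
    # not specified, all versions will be matched.
    #{ name = "ansi_term", version = "=0.11.0" },
    #
    # Wrapper crates can optionally be specified to allow the crate when it
    # is a direct dependency of the otherwise banned crate
    #{ name = "ansi_term", version = "=0.11.0", wrappers = [] },
]

# This section is considered when running `cargo deny check sources`.
# More documentation about the 'sources' section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html
[sources]
# Lint level for what to happen when a crate from a crate registry that is not
# in the allow list is encountered
unknown-registry = "deny"
# Lint level for what to happen when a crate from a git repository that is not
# in the allow list is encountered
unknown-git = "deny"
# List of URLs for allowed crate registries. Defaults to the crates.io index
# if not specified. If it is specified but empty, no registries are allowed.
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
# List of URLs for allowed Git repositories
# Empty together with `unknown-git = "deny"`: any git-sourced dependency fails
# the check until its repository URL is added here.
allow-git = []

[sources.allow-org]
# 1 or more github.com organizations to allow git sources for
# Empty: no organization is trusted wholesale for git dependencies.
github = []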