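# cargo-deny configuration for Synor
# https://embarkstudios.github.io/cargo-deny/

# ============================================================================
# Advisories - Security vulnerability database checks
# ============================================================================
# NOTE(review): `vulnerability`, `unmaintained`, `notice` (here) and
# `unlicensed`, `copyleft`, `allow-osi-fsf-free`, `default` (under [licenses])
# belong to the older cargo-deny schema. Newer releases dropped these
# lint-level keys - confirm against the cargo-deny version pinned in CI.
[advisories]
db-path = "~/.cargo/advisory-db"
db-urls = ["https://github.com/rustsec/advisory-db"]
# A known vulnerability in any dependency fails the check.
vulnerability = "deny"
unmaintained = "warn"
# NOTE(review): a yanked release only warns; a crate is often yanked because
# of a serious defect, so triage these warnings rather than letting them pile up.
yanked = "warn"
notice = "warn"
# Every entry here silences an advisory for the whole dependency graph.
# Record the reason and a revisit date next to each ID that gets added.
ignore = [
    # Add advisory IDs to ignore here if needed
    # "RUSTSEC-2020-0000",
]

# ============================================================================
# Licenses - Allowed license check
# ============================================================================
[licenses]
unlicensed = "deny"
allow = [
    "MIT",
    "Apache-2.0",
    "BSD-2-Clause",
    "BSD-3-Clause",
    "ISC",
    "Zlib",
    "0BSD",
    "CC0-1.0",
    "Unicode-DFS-2016",
    "MPL-2.0",
    "BSL-1.0",
]
copyleft = "warn"
# "either" also accepts licenses outside `allow` when they are OSI-approved or
# FSF-free, so the effective allow set is wider than the list above.
allow-osi-fsf-free = "either"
default = "deny"
# Minimum match score for license-text detection (0.0 to 1.0).
confidence-threshold = 0.8

# ring ships a combined license file that automatic detection cannot classify.
# The hash pins the LICENSE contents this clarification was written against.
[[licenses.clarify]]
name = "ring"
expression = "MIT AND ISC AND OpenSSL"
license-files = [
    { path = "LICENSE", hash = 0xbd0eed23 },
]

# ============================================================================
# Bans - Specific crate bans
# ============================================================================
[bans]
multiple-versions = "warn"
# NOTE(review): "allow" accepts `*` version requirements, which leave the
# resolved version unconstrained. Consider "warn" or "deny" once the
# workspace's own dependencies have been checked for wildcards.
wildcards = "allow"
highlight = "all"
deny = [
    # Deny crates with known security issues
    # { name = "example-crate", version = "*" },
]
skip = [
    # Allow specific duplicate versions if needed
]
skip-tree = [
    # Skip entire dependency trees if needed
]

# ============================================================================
# Sources - Allowed crate sources
# ============================================================================
[sources]
# Changed from "warn" to "deny": with "warn", a dependency from a registry or
# git repository outside the allow lists below still passed the check, so the
# lists were not enforced. Add a source to the lists to permit it.
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
allow-git = []

# Any repository under these GitHub organisations is accepted as a git source.
# Keep the list short: it trusts the whole organisation, not one repository.
[sources.allow-org]
github = [
    "synor",
    "pqcrypto",
]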