forked from bottlerocket-os/twoliter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdeny.toml
107 lines (96 loc) · 3.27 KB
/
deny.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
[licenses]
# We want really high confidence when inferring licenses from text
confidence-threshold = 0.93
# Commented license types are allowed but not currently used
allow = [
"Apache-2.0",
"Apache-2.0 WITH LLVM-exception",
# "BSD-2-Clause",
"BSD-3-Clause",
"BSL-1.0",
# "CC0-1.0",
"ISC",
"MIT",
"OpenSSL",
"Unlicense",
"Zlib",
]
exceptions = [
{ name = "webpki-roots", allow = ["MPL-2.0"], version = "*" },
{ name = "unicode-ident", version = "1.0.4", allow = ["MIT", "Apache-2.0", "Unicode-DFS-2016"] },
]
# https://github.com/hsivonen/encoding_rs The non-test code that isn't generated from the WHATWG data in this crate is
# under Apache-2.0 OR MIT. Test code is under CC0.
[[licenses.clarify]]
name = "encoding_rs"
version = "0.8.30"
expression = "(Apache-2.0 OR MIT) AND BSD-3-Clause"
license-files = [
{ path = "COPYRIGHT", hash = 0x39f8ad31 }
]
[[licenses.clarify]]
name = "ring"
expression = "MIT AND ISC AND OpenSSL"
license-files = [
{ path = "LICENSE", hash = 0xbd0eed23 },
]
[[licenses.clarify]]
name = "webpki"
expression = "ISC"
license-files = [
{ path = "LICENSE", hash = 0x001c7e6c },
]
[[licenses.clarify]]
name = "rustls-webpki"
expression = "ISC"
license-files = [
{ path = "LICENSE", hash = 0x001c7e6c },
]
[bans]
# Deny multiple versions or wildcard dependencies.
multiple-versions = "deny"
wildcards = "deny"
skip = [
# several dependencies are using multiple versions of base64
{ name = "base64" },
# several dependencies are using an old version of bitflags
{ name = "bitflags", version = "=1.3" },
# dependencies are using different versions of event-listener
{ name = "event-listener", version = "=4" },
# dependencies are using different versions of event-listener-strategy
{ name = "event-listener-strategy", version = "=0.4" },
# multiple deps are using an older version of hashbrown
{ name = "hashbrown", version = "=0.12" },
# multiple deps are using an older version of indexmap
{ name = "indexmap", version = "1" },
# dependencies are using different versions of heck
{ name = "heck", version = "=0.4" },
# dependencies are using different versions of http
{ name = "http", version = "=0.2" },
# kube-client uses an older version of pem
{ name = "pem", version = "=1" },
# several dependencies are using an old version of serde_yaml
{ name = "serde_yaml", version = "=0.8" },
# dependencies are using different versions of snafu
{ name = "snafu", version = "=0.7" },
# dependencies are using different versions of snafu-derive
{ name = "snafu-derive", version = "=0.7" },
# dependencies are using different versions of strsim
{ name = "strsim", version = "=0.10" },
# multiple deps are using an older version of syn
{ name = "syn", version = "1" },
]
skip-tree = [
# windows-sys is not a direct dependency. mio and schannel
# are using different versions of windows-sys. we skip the
# dependency tree because windows-sys has many sub-crates
# that differ in major version.
{ name = "windows-sys" },
]
[sources]
allow-git = [
"https://github.com/bottlerocket-os/bottlerocket-test-system",
]
# Deny crates from unknown registries or git repositories.
unknown-registry = "deny"
unknown-git = "deny"