Merge "Config for cargo-deny" into main
diff --git a/pseudo_crate/deny.toml b/pseudo_crate/deny.toml
index bd776cf..a913d1c 100644
--- a/pseudo_crate/deny.toml
+++ b/pseudo_crate/deny.toml
@@ -30,6 +30,13 @@
# particular target. target_features are currently not validated against
# the actual valid features supported by the target architecture.
#{ triple = "wasm32-unknown-unknown", features = ["atomics"] },
+ "aarch64-linux-android",
+ "armv7-linux-androideabi",
+ "i686-linux-android",
+ "i686-unknown-linux-gnu",
+ "riscv64-linux-android",
+ "x86_64-linux-android",
+ "x86_64-unknown-linux-gnu",
]
# When creating the dependency graph used as the source of truth when checks are
# executed, this field can be used to prune crates from the graph, removing them
@@ -64,9 +71,9 @@
# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
[advisories]
# The path where the advisory databases are cloned/fetched into
-#db-path = "$CARGO_HOME/advisory-dbs"
+db-path = "$CARGO_HOME/advisory-dbs"
# The url(s) of the advisory databases to use
-#db-urls = ["https://github.com/rustsec/advisory-db"]
+db-urls = ["https://github.com/rustsec/advisory-db"]
# A list of advisory IDs to ignore. Note that ignored advisories will still
# output a note when they are encountered.
ignore = [
@@ -89,6 +96,18 @@
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
allow = [
+ "0BSD",
+ "Apache-2.0",
+ "Apache-2.0 WITH LLVM-exception",
+ "BSD-2-Clause",
+ "BSD-3-Clause",
+ "CC0-1.0",
+ "ISC",
+ "MIT",
+ "MPL-2.0",
+ "OpenSSL",
+ "Unicode-DFS-2016",
+ "Zlib",
#"MIT",
#"Apache-2.0",
#"Apache-2.0 WITH LLVM-exception",
@@ -109,20 +128,20 @@
# Some crates don't have (easily) machine readable licensing information,
# adding a clarification entry for it allows you to manually specify the
# licensing information
-#[[licenses.clarify]]
+[[licenses.clarify]]
# The package spec the clarification applies to
-#crate = "ring"
+crate = "ring"
# The SPDX expression for the license requirements of the crate
-#expression = "MIT AND ISC AND OpenSSL"
+expression = "MIT AND ISC AND OpenSSL"
# One or more files in the crate's source used as the "source of truth" for
# the license expression. If the contents match, the clarification will be used
# when running the license check, otherwise the clarification will be ignored
# and the crate will be checked normally, which may produce warnings or errors
# depending on the rest of your configuration
-#license-files = [
+license-files = [
# Each entry is a crate relative path, and the (opaque) hash of its contents
-#{ path = "LICENSE", hash = 0xbd0eed23 }
-#]
+{ path = "LICENSE", hash = 0xbd0eed23 }
+]
[licenses.private]
# If true, ignores workspace crates that aren't published, or are only
@@ -142,7 +161,7 @@
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
[bans]
# Lint level for when multiple versions of the same crate are detected
-multiple-versions = "warn"
+multiple-versions = "allow"
# Lint level for when a crate version requirement is `*`
wildcards = "allow"
# The graph highlighting used when creating dotgraphs for crates
