2021-06-12 20:18:21 +02:00
|
|
|
[advisories]
|
|
|
|
vulnerability = "deny"
|
|
|
|
unmaintained = "warn"
|
|
|
|
notice = "warn"
|
|
|
|
ignore = []
|
|
|
|
|
|
|
|
[licenses]
|
2021-12-08 18:37:02 +01:00
|
|
|
unlicensed = "warn"
|
2021-06-12 20:18:21 +02:00
|
|
|
allow = []
|
|
|
|
deny = []
|
|
|
|
copyleft = "warn"
|
|
|
|
allow-osi-fsf-free = "either"
|
|
|
|
confidence-threshold = 0.8
|
|
|
|
|
|
|
|
[bans]
|
|
|
|
multiple-versions = "deny"
|
|
|
|
highlight = "all"
|
2022-02-12 18:16:14 +01:00
|
|
|
skip-tree = [
|
2023-01-03 19:53:17 +01:00
|
|
|
# currently duplicated through header, reqwest, tower-http and cookie
|
|
|
|
# C.f. https://github.com/tokio-rs/axum/pull/1641
|
|
|
|
{ name = "base64" },
|
2023-02-07 22:21:00 +01:00
|
|
|
# parking_lot pulls in old versions of windows-sys
|
|
|
|
{ name = "windows-sys" },
|
2023-03-10 12:02:11 +01:00
|
|
|
# old version pulled in by rustls via ring
|
|
|
|
{ name = "spin" },
|
2023-03-18 20:23:27 +01:00
|
|
|
# lots still pulls in syn 1.x
|
|
|
|
{ name = "syn" },
|
2023-03-22 23:42:14 +01:00
|
|
|
# until 1.0 is out we're pulling in both 0.14 and 1.0-rc.x
|
|
|
|
{ name = "hyper" },
|
2023-04-21 10:51:12 +02:00
|
|
|
# pulled in by tracing-subscriber
|
2023-07-05 22:08:11 +02:00
|
|
|
{ name = "regex-syntax" },
|
|
|
|
# pulled in by tracing-subscriber
|
|
|
|
{ name = "regex-automata" },
|
2023-09-16 21:30:48 +02:00
|
|
|
# pulled in by hyper
|
|
|
|
{ name = "socket2" },
|
2024-09-20 19:38:29 +02:00
|
|
|
# hyper-util hasn't upgraded to 0.5 yet, but it's the same service / layer
|
|
|
|
# crates beneath
|
|
|
|
{ name = "tower" },
|
|
|
|
# tower hasn't upgraded to 1.0 yet
|
|
|
|
{ name = "sync_wrapper" },
|
2021-06-19 12:50:33 +02:00
|
|
|
]
|
2021-06-12 20:18:21 +02:00
|
|
|
|
|
|
|
[sources]
|
|
|
|
unknown-registry = "warn"
|
|
|
|
unknown-git = "warn"
|
|
|
|
allow-git = []
|