fix: Update "cargo deny" rules to work with current version of the tool

(which deprecated certain keywords). The exceptions should be audited and compared with upstream to ensure they are appropriate. Changes to be committed: modified: deny.toml
bobanetwork · Oct 17, 2024 · 1246b72 · 1246b72
1 parent c5da673
commit 1246b72
Showing 1 changed file with 13 additions and 7 deletions.
diff --git a/deny.toml b/deny.toml
@@ -2,12 +2,17 @@
 # More documentation for the advisories section can be found here:
 # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
 [advisories]
-vulnerability = "deny"
-unmaintained = "warn"
-unsound = "warn"
+#vulnerability = "deny"
+#unmaintained = "warn"
+#unsound = "warn"
 yanked = "warn"
-notice = "warn"
-
+#notice = "warn"
+ignore = [
+    {id = "RUSTSEC-2021-0141", reason = "Unmaintained dependency inherited from upstream"},
+    {id = "RUSTSEC-2022-0071", reason = "Unmaintained dependency inherited from upstream"},
+    {id = "RUSTSEC-2024-0320", reason = "Unmaintained dependency inherited from upstream"},
+    {id = "RUSTSEC-2024-0336", reason = "Dependency inherited from upstream"},
+]
 # This section is considered when running `cargo deny check bans`.
 # More documentation about the 'bans' section can be found here:
 # https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
@@ -33,9 +38,9 @@ skip = []
 skip-tree = []
 
 [licenses]
-unlicensed = "deny"
+#unlicensed = "deny"
 confidence-threshold = 0.9
-copyleft = "deny"
+#copyleft = "deny"
 
 # List of explicitly allowed licenses
 # See https://spdx.org/licenses/ for list of possible licenses
@@ -58,6 +63,7 @@ exceptions = [
     { allow = ["CC0-1.0"], name = "tiny-keccak" },
     { allow = ["Unicode-DFS-2016"], name = "unicode-ident" },
     { allow = ["OpenSSL"], name = "ring" },
+    { allow = ["OpenSSL"], name="aws-lc-sys" },  # Inherited dependency via rustls
 ]