From 1246b7218e5939d42c2d57b1d7c4534b3a04191a Mon Sep 17 00:00:00 2001
From: Michael Montour
Date: Thu, 17 Oct 2024 14:32:20 -0700
Subject: [PATCH] fix: Update "cargo deny" rules to work with current version of the tool (which deprecated certain keywords). The exceptions should be audited and compared with upstream to ensure they are appropriate. Changes to be committed: modified: deny.toml
---
 deny.toml | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/deny.toml b/deny.toml
index b0069153..72c14ef3 100644
--- a/deny.toml
+++ b/deny.toml
@@ -2,12 +2,17 @@
 # More documentation for the advisories section can be found here:
 # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
 [advisories]
-vulnerability = "deny"
-unmaintained = "warn"
-unsound = "warn"
+#vulnerability = "deny"
+#unmaintained = "warn"
+#unsound = "warn"
 yanked = "warn"
-notice = "warn"
-
+#notice = "warn"
+ignore = [
+ {id = "RUSTSEC-2021-0141", reason = "Unmaintained dependency inherited from upstream"},
+ {id = "RUSTSEC-2022-0071", reason = "Unmaintained dependency inherited from upstream"},
+ {id = "RUSTSEC-2024-0320", reason = "Unmaintained dependency inherited from upstream"},
+ {id = "RUSTSEC-2024-0336", reason = "Dependency inherited from upstream"},
+]
 # This section is considered when running `cargo deny check bans`.
 # More documentation about the 'bans' section can be found here:
 # https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
@@ -33,9 +38,9 @@ skip = []
 skip-tree = []
 [licenses]
-unlicensed = "deny"
+#unlicensed = "deny"
 confidence-threshold = 0.9
-copyleft = "deny"
+#copyleft = "deny"
 # List of explicitly allowed licenses
 # See https://spdx.org/licenses/ for list of possible licenses
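Review bot: The fourth `ignore` entry, RUSTSEC-2024-0336, has the reason "Dependency inherited from upstream", which, unlike the three entries labelled unmaintained, says neither what kind of advisory is being suppressed nor why that is acceptable. If it is a vulnerability advisory (confirm in the RustSec database), the entry silences the check on every run until someone removes it. The reason should therefore name the affected crate, why the flaw is tolerated or unreachable here, and the condition for dropping the exception, e.g. `{id = "RUSTSEC-2024-0336", reason = "<crate>: <why acceptable here>; remove when upstream bumps <crate>"},`. The three identical "Unmaintained dependency inherited from upstream" reasons would also be easier to audit if each named its crate.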
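Review bot: The commented-out `#unlicensed = "deny"` and `#copyleft = "deny"` lines leave dead configuration in `[licenses]`, and the same pattern appears in `[advisories]` (`#vulnerability`, `#unmaintained`, `#unsound`, `#notice`). A later reader cannot tell whether those values still describe the policy in force, so delete the lines and state the policy in one comment, for example `# Licenses not listed in allow are rejected; the former unlicensed/copyleft keys are no longer accepted by cargo-deny`. Confirm against the cargo-deny documentation that the defaults now applied are at least as strict as the old `deny` values. The `allow` list that decides this lies outside the hunk.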
@@ -58,6 +63,7 @@ exceptions = [
 { allow = ["CC0-1.0"], name = "tiny-keccak" },
 { allow = ["Unicode-DFS-2016"], name = "unicode-ident" },
 { allow = ["OpenSSL"], name = "ring" },
+ { allow = ["OpenSSL"], name="aws-lc-sys" }, # Inherited dependency via rustls
 ]