Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ban async-std and old hyper and tokio versions #7380

Merged
merged 3 commits into from
Dec 19, 2024
+11 −2
Merged

Ban async-std and old hyper and tokio versions #7380

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d29b2ad
Forbid old hyper and async-std
faern Dec 19, 2024
e2bc1a6
Restructure cargo bans section
faern Dec 19, 2024
2a8442f
Forbid tokio 0.x
faern Dec 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 11 additions & 2 deletions deny.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,13 +75,22 @@ wildcards = "warn"
highlight = "all"

deny = [
# We are using Rustls for TLS. We don't want to accidentally pull in
# anything OpenSSL related
## Alternative ecosystems that we don't want to accidentally pull in.
## Having multiple large ecosystems solving the same problem can often be problematic,
## and also expensive from a compile time/binary size/supply chain security perspective.

# We are using Rustls, so we want to avoid OpenSSL
{ name = "openssl-sys" },
{ name = "openssl-src" },
{ name = "openssl-probe" },
# We are using tokio, so we want to avoid async-std
{ name = "async-std" },

## Older versions of crates where we only want to use the newer variants
{ name = "clap", version = "2" },
{ name = "clap", version = "3" },
{ name = "hyper", version = "0" },
{ name = "tokio", version = "0" },
{ name = "time", version = "0.1"},
]

Expand Down
Loading