mirror of
https://github.com/marcoallegretti/karapace.git
synced 2026-03-26 21:43:09 +00:00
78d40c0d0a
- Cargo workspace with 9 crates - EUPL-1.2 license - cargo-deny configuration for license/advisory auditing - .gitignore for target/, docu_dev/, editor files
45 lines
1 KiB
TOML
45 lines
1 KiB
TOML
# cargo-deny configuration — supply-chain hardening
|
|
# https://embarkstudios.github.io/cargo-deny/
|
|
|
|
[graph]
|
|
all-features = true
|
|
|
|
[advisories]
|
|
# Lint level for crates with security vulnerabilities
|
|
version = 2
|
|
# Only flag unmaintained crates that are direct workspace dependencies
|
|
unmaintained = "workspace"
|
|
|
|
[licenses]
|
|
# Only allow these licenses
|
|
allow = [
|
|
"MIT",
|
|
"Apache-2.0",
|
|
"BSD-2-Clause",
|
|
"BSD-3-Clause",
|
|
"ISC",
|
|
"Unicode-3.0",
|
|
"Unicode-DFS-2016",
|
|
"OpenSSL",
|
|
"Zlib",
|
|
"BSL-1.0",
|
|
"CC0-1.0",
|
|
"EUPL-1.2",
|
|
"MPL-2.0",
|
|
"CDLA-Permissive-2.0",
|
|
]
|
|
confidence-threshold = 0.8
|
|
|
|
[bans]
|
|
# Deny multiple versions of the same crate (warn only — too strict for initial rollout)
|
|
multiple-versions = "warn"
|
|
# Workspace crates use `workspace = true` which cargo-deny sees as wildcards
|
|
wildcards = "allow"
|
|
highlight = "all"
|
|
|
|
[sources]
|
|
# Only allow crates from crates.io
|
|
unknown-registry = "deny"
|
|
unknown-git = "deny"
|
|
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|
|
allow-git = []
|