96 lines
3.7 KiB
TOML
96 lines
3.7 KiB
TOML
# Note that all fields that take a lint level have these possible values:
|
|
# * deny - An error will be produced and the check will fail
|
|
# * warn - A warning will be produced, but the check will not fail
|
|
# * allow - No warning or error will be produced, though in some cases a note
|
|
# will be
|
|
|
|
# This section is considered when running `cargo deny check bans`.
|
|
# More documentation about the 'bans' section can be found here:
|
|
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
|
|
[bans]
|
|
# Lint level for when multiple versions of the same crate are detected
|
|
multiple-versions = "deny"
|
|
# The graph highlighting used when creating dotgraphs for crates
|
|
# with multiple versions
|
|
# * lowest-version - The path to the lowest versioned duplicate is highlighted
|
|
# * simplest-path - The path to the version with the fewest edges is highlighted
|
|
# * all - Both lowest-version and simplest-path are used
|
|
highlight = "all"
|
|
|
|
# List of crates that are allowed. Use with care!
|
|
allow = [
|
|
#{ name = "ansi_term", version = "=0.11.0" },
|
|
]
|
|
|
|
# Certain crates/versions that will be skipped when doing duplicate detection.
|
|
skip = [
|
|
#{ name = "ansi_term", version = "=0.11.0" },
|
|
]
|
|
# Similarly to `skip` allows you to skip certain crates during duplicate
|
|
# detection. Unlike skip, it also includes the entire tree of transitive
|
|
# dependencies starting at the specified crate, up to a certain depth, which is
|
|
# by default infinite
|
|
skip-tree = [
|
|
# ticket #2983: criterion dependencies
|
|
{ name = "criterion", version = "=0.3.5" },
|
|
|
|
# ticket #3000: tower-fallback dependencies
|
|
{ name = "pin-project", version = "=0.4.29" },
|
|
|
|
# ticket #3063: redjubjub dependencies
|
|
{ name = "redjubjub", version = "=0.4.0" },
|
|
|
|
# ticket #3315: ordered-map dependencies that should be dev-dependencies
|
|
{ name = "ordered-map", version = "=0.4.2" },
|
|
|
|
# ticket #2984: owo-colors dependencies
|
|
{ name = "color-eyre", version = "=0.5.11" },
|
|
|
|
# ticket #2980: inferno and orchard/cryptographic dependencies
|
|
{ name = "orchard", version = "=0.0.0" },
|
|
|
|
# upgrade orchard from deprecated `bigint` to `uint`: https://github.com/zcash/orchard/issues/219
|
|
{ name = "bigint", version = "=4.4.3" },
|
|
|
|
# upgrade sentry, metrics-exporter-prometheus, reqwest, hyper,
|
|
# which needs #2953: upgrade tracing to the latest major version
|
|
#
|
|
# also wait for tower-test and tokio-test to upgrade
|
|
{ name = "tokio-util", version = "=0.6.9" },
|
|
{ name = "tracing-subscriber", version = "=0.1.6" },
|
|
|
|
# upgrade abscissa and arti
|
|
{ name = "darling", version = "=0.10.2" },
|
|
|
|
# recent major version bumps
|
|
# we should re-check these dependencies in February 2022
|
|
|
|
# wait for lots of crates in the cryptographic ecosystem to upgrade
|
|
{ name = "rand", version = "=0.7.3" },
|
|
]
|
|
|
|
# This section is considered when running `cargo deny check sources`.
|
|
# More documentation about the 'sources' section can be found here:
|
|
# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html
|
|
[sources]
|
|
# Lint level for what to happen when a crate from a crate registry that is not
|
|
# in the allow list is encountered
|
|
unknown-registry = "deny"
|
|
# Lint level for what to happen when a crate from a git repository that is not
|
|
# in the allow list is encountered
|
|
unknown-git = "deny"
|
|
# List of URLs for allowed crate registries. Defaults to the crates.io index
|
|
# if not specified. If it is specified but empty, no registries are allowed.
|
|
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|
|
# List of URLs for allowed Git repositories
|
|
allow-git = [
|
|
# ticket #2982: librustzcash and orchard git versions
|
|
"https://github.com/str4d/redjubjub",
|
|
]
|
|
|
|
[sources.allow-org]
|
|
github = [
|
|
"ZcashFoundation",
|
|
"zcash",
|
|
]
|