axum/deny.toml

[advisories]
vulnerability = "deny"
unmaintained = "warn"
notice = "warn"
ignore = []

[licenses]
unlicensed = "warn"
allow = []
deny = []
copyleft = "warn"
allow-osi-fsf-free = "either"
confidence-threshold = 0.8

[bans]
multiple-versions = "deny"
highlight = "all"
skip-tree = [
    # currently duplicated through header, reqwest, tower-http and cookie
    # C.f. https://github.com/tokio-rs/axum/pull/1641
    { name = "base64" },
    # parking_lot pulls in old versions of windows-sys
    { name = "windows-sys" },
    # old version pulled in by rustls via ring
    { name = "spin" },
    # lots still pulls in syn 1.x
    { name = "syn" },
    # until 1.0 is out we're pulling in both 0.14 and 1.0-rc.x
    { name = "hyper" },
    # pulled in by tracing-subscriber
    { name = "regex-syntax" },
    # pulled in by tracing-subscriber
    { name = "regex-automata" },
    # pulled in by hyper
    { name = "socket2" },
    # hyper-util hasn't upgraded to 0.5 yet, but it's the same service / layer
    # crates beneath
    { name = "tower" },
    # tower hasn't upgraded to 1.0 yet
    { name = "sync_wrapper" },
]

[sources]
unknown-registry = "warn"
unknown-git = "warn"
allow-git = []
Misc repo setup (#7) 2021-06-13 02:18:21 +08:00			`[advisories]`
			`vulnerability = "deny"`
			`unmaintained = "warn"`
			`notice = "warn"`
			`ignore = []`

			`[licenses]`
Clean up deny.toml (#597) 2021-12-09 01:37:02 +08:00			`unlicensed = "warn"`
Misc repo setup (#7) 2021-06-13 02:18:21 +08:00			`allow = []`
			`deny = []`
			`copyleft = "warn"`
			`allow-osi-fsf-free = "either"`
			`confidence-threshold = 0.8`

			`[bans]`
			`multiple-versions = "deny"`
			`highlight = "all"`
Update dependencies (#753) 2022-02-13 01:16:14 +08:00			`skip-tree = [`
Update deny.toml bans (#1668) 2023-01-04 02:53:17 +08:00			`# currently duplicated through header, reqwest, tower-http and cookie`
			`# C.f. https://github.com/tokio-rs/axum/pull/1641`
			`{ name = "base64" },`
Ignore duplicate dependencies pulled in by `windows-sys` 2023-02-08 05:21:00 +08:00			`# parking_lot pulls in old versions of windows-sys`
			`{ name = "windows-sys" },`
Re-integrate examples into the root workspace (#1466) Co-authored-by: David Pedersen <david.pdrsn@gmail.com> 2023-03-10 19:02:11 +08:00			`# old version pulled in by rustls via ring`
			`{ name = "spin" },`
Update to syn 2 (#1862) 2023-03-19 03:23:27 +08:00			`# lots still pulls in syn 1.x`
			`{ name = "syn" },`
Add `serve` function and remove `Server` re-export (#1868) 2023-03-23 06:42:14 +08:00			`# until 1.0 is out we're pulling in both 0.14 and 1.0-rc.x`
			`{ name = "hyper" },`
Allow duplicate regex-syntax in examples 2023-04-21 16:51:12 +08:00			`# pulled in by tracing-subscriber`
Remove `bitflags` crate dependency (#2073) Co-authored-by: David Pedersen <david.pdrsn@gmail.com> 2023-07-06 04:08:11 +08:00			`{ name = "regex-syntax" },`
			`# pulled in by tracing-subscriber`
			`{ name = "regex-automata" },`
fix cargo-deny 2023-09-17 03:30:48 +08:00			`# pulled in by hyper`
			`{ name = "socket2" },`
ci: Add more allowances for multiple version of the same crate 2024-09-21 01:38:29 +08:00			`# hyper-util hasn't upgraded to 0.5 yet, but it's the same service / layer`
			`# crates beneath`
			`{ name = "tower" },`
			`# tower hasn't upgraded to 1.0 yet`
			`{ name = "sync_wrapper" },`
Generic request body (#22) Fixes #21 2021-06-19 18:50:33 +08:00			`]`
Misc repo setup (#7) 2021-06-13 02:18:21 +08:00
			`[sources]`
			`unknown-registry = "warn"`
			`unknown-git = "warn"`
			`allow-git = []`