egui/deny.toml

76 lines
3.1 KiB
TOML
Raw Normal View History

# https://embarkstudios.github.io/cargo-deny/
targets = [
{ triple = "aarch64-apple-darwin" },
{ triple = "aarch64-linux-android" },
{ triple = "wasm32-unknown-unknown" },
{ triple = "x86_64-apple-darwin" },
{ triple = "x86_64-pc-windows-msvc" },
{ triple = "x86_64-unknown-linux-gnu" },
{ triple = "x86_64-unknown-linux-musl" },
]
[advisories]
vulnerability = "deny"
unmaintained = "warn"
yanked = "deny"
ignore = [
"RUSTSEC-2020-0071", # https://rustsec.org/advisories/RUSTSEC-2020-0071 - chrono/time: Potential segfault in the time crate
"RUSTSEC-2020-0159", # https://rustsec.org/advisories/RUSTSEC-2020-0159 - chrono/time: Potential segfault in localtime_r invocations
"RUSTSEC-2021-0127", # https://rustsec.org/advisories/RUSTSEC-2021-0127 - https://github.com/bheisler/criterion.rs/issues/534
]
[bans]
multiple-versions = "deny"
wildcards = "allow" # at least until https://github.com/EmbarkStudios/cargo-deny/issues/241 is fixed
deny = [
{ name = "openssl" }, # prefer rustls
{ name = "openssl-sys" }, # prefer rustls
]
skip = [
{ name = "ahash" }, # old version via dark-light
{ name = "arrayvec" }, # old version via tiny-skiaz
{ name = "hashbrown" }, # old version via dark-light
{ name = "time" }, # old version pulled in by unmaintianed crate 'chrono'
{ name = "ttf-parser" }, # different versions pulled in by ab_glyph and usvg
]
skip-tree = [
{ name = "criterion" }, # dev-dependency
{ name = "glium" }, # legacy crate, lots of old dependencies
cargo update (#1794) * cargo update Updating crates.io index Updating anyhow v1.0.57 -> v1.0.58 Updating arboard v2.1.0 -> v2.1.1 Updating async-broadcast v0.3.4 -> v0.4.0 Updating async-io v1.6.0 -> v1.7.0 Updating async-trait v0.1.53 -> v0.1.56 Updating bindgen v0.59.2 -> v0.60.1 Updating bumpalo v3.9.1 -> v3.10.0 Updating bytemuck v1.9.1 -> v1.10.0 Updating cfg-expr v0.10.2 -> v0.10.3 Updating clang-sys v1.3.1 -> v1.3.3 Adding clap v3.2.8 Adding clap_lex v0.2.4 Updating crossbeam-channel v0.5.4 -> v0.5.5 Updating crossbeam-epoch v0.9.8 -> v0.9.9 Updating crossbeam-utils v0.8.8 -> v0.8.10 Updating dyn-clone v1.0.5 -> v1.0.6 Updating either v1.6.1 -> v1.7.0 Updating enum-map v2.1.0 -> v2.4.0 Updating enum-map-derive v0.8.0 -> v0.9.0 Updating flate2 v1.0.23 -> v1.0.24 Updating getrandom v0.2.6 -> v0.2.7 Updating gif v0.11.3 -> v0.11.4 Adding hashbrown v0.12.1 Updating indexmap v1.8.1 -> v1.9.1 Updating itoa v1.0.1 -> v1.0.2 Updating jpeg-decoder v0.2.4 -> v0.2.6 Updating linked-hash-map v0.5.4 -> v0.5.6 Updating log v0.4.16 -> v0.4.17 Updating memmap2 v0.5.3 -> v0.5.4 Updating miniz_oxide v0.5.1 -> v0.5.3 Updating mio v0.8.2 -> v0.8.4 Removing miow v0.3.7 Adding nix v0.24.1 Removing ntapi v0.3.7 Updating num-rational v0.4.0 -> v0.4.1 Updating num-traits v0.2.14 -> v0.2.15 Updating num_threads v0.1.5 -> v0.1.6 Updating object v0.28.3 -> v0.28.4 Updating once_cell v1.10.0 -> v1.12.0 Adding os_str_bytes v6.1.0 Updating parking_lot v0.12.0 -> v0.12.1 Updating parking_lot_core v0.9.1 -> v0.9.3 Updating proc-macro2 v1.0.37 -> v1.0.40 Updating profiling v1.0.5 -> v1.0.6 Updating puffin v0.13.1 -> v0.13.3 Updating quote v1.0.18 -> v1.0.20 Updating rayon v1.5.2 -> v1.5.3 Updating rayon-core v1.9.2 -> v1.9.3 Updating regex v1.5.5 -> v1.5.6 Updating regex-syntax v0.6.25 -> v0.6.26 Adding remove_dir_all v0.5.3 Updating rfd v0.8.0 -> v0.8.4 Updating rgb v0.8.32 -> v0.8.33 Updating ron v0.7.0 -> v0.7.1 Updating rustls v0.20.4 -> v0.20.6 Updating rustybuzz v0.5.0 -> v0.5.1 Updating ryu v1.0.9 -> v1.0.10 Updating semver v1.0.7 -> v1.0.12 Updating serde v1.0.136 -> v1.0.138 Updating serde_derive v1.0.136 -> v1.0.138 Updating serde_json v1.0.79 -> v1.0.82 Updating serde_repr v0.1.7 -> v0.1.8 Updating smallvec v1.8.0 -> v1.9.0 Adding smithay-client-toolkit v0.16.0 Updating smithay-clipboard v0.6.5 -> v0.6.6 Updating str-buf v1.0.5 -> v1.0.6 Removing strsim v0.8.0 Updating svgtypes v0.8.0 -> v0.8.1 Updating syn v1.0.92 -> v1.0.98 Adding tempfile v3.3.0 Adding textwrap v0.15.0 Updating thiserror v1.0.30 -> v1.0.31 Updating thiserror-impl v1.0.30 -> v1.0.31 Removing time v0.1.43 Removing time v0.3.9 Adding time v0.1.44 Adding time v0.3.11 Updating tiny-skia v0.6.3 -> v0.6.6 Updating tracing v0.1.34 -> v0.1.35 Updating tracing-attributes v0.1.21 -> v0.1.22 Updating tracing-core v0.1.26 -> v0.1.28 Updating tracing-subscriber v0.3.11 -> v0.3.14 Updating ttf-parser v0.15.0 -> v0.15.2 Updating tts v0.20.3 -> v0.20.4 Updating twox-hash v1.6.2 -> v1.6.3 Adding uds_windows v1.0.2 Adding unicode-ident v1.0.1 Updating unicode-normalization v0.1.19 -> v0.1.21 Removing vec_map v0.8.2 Updating wasi v0.10.2+wasi-snapshot-preview1 -> v0.10.0+wasi-snapshot-preview1 Updating wgpu v0.13.0 -> v0.13.1 Updating wgpu-core v0.13.0 -> v0.13.1 Updating wgpu-hal v0.13.0 -> v0.13.1 Removing windows v0.32.0 Adding windows v0.33.0 Adding windows v0.37.0 Updating windows-sys v0.32.0 -> v0.36.1 Removing windows_aarch64_msvc v0.32.0 Adding windows_aarch64_msvc v0.33.0 Adding windows_aarch64_msvc v0.36.1 Adding windows_aarch64_msvc v0.37.0 Removing windows_i686_gnu v0.32.0 Adding windows_i686_gnu v0.33.0 Adding windows_i686_gnu v0.36.1 Adding windows_i686_gnu v0.37.0 Removing windows_i686_msvc v0.32.0 Adding windows_i686_msvc v0.33.0 Adding windows_i686_msvc v0.36.1 Adding windows_i686_msvc v0.37.0 Removing windows_x86_64_gnu v0.32.0 Adding windows_x86_64_gnu v0.33.0 Adding windows_x86_64_gnu v0.36.1 Adding windows_x86_64_gnu v0.37.0 Removing windows_x86_64_msvc v0.32.0 Adding windows_x86_64_msvc v0.33.0 Adding windows_x86_64_msvc v0.36.1 Adding windows_x86_64_msvc v0.37.0 Updating zbus v2.1.1 -> v2.3.2 Updating zbus_macros v2.1.1 -> v2.3.2 Updating zstd v0.10.0+zstd.1.5.2 -> v0.11.2+zstd.1.5.2 Updating zstd-safe v4.1.4+zstd.1.5.2 -> v5.0.2+zstd.1.5.2 Updating zstd-sys v1.6.3+zstd.1.5.2 -> v2.0.1+zstd.1.5.2 Updating zvariant v3.1.2 -> v3.4.1 Updating zvariant_derive v3.1.2 -> v3.4.1 ❯ cargo update -p smithay-clipboard --precise 0.6.5 Updating crates.io index Removing nix v0.24.1 Removing smithay-client-toolkit v0.16.0 Updating smithay-clipboard v0.6.6 -> v0.6.5 * Downgrade enum-map so we can build with rust 1.60 * update syntect * Update usvg and resvg * Fix syntect update * Update tts to 0.22 * Make egui_demo_app compile for wasm with wgpu feature This broke in https://github.com/emilk/egui/pull/1781 * Ignore rfd tree in deny.toml * Revert "Update tts to 0.22" This reverts commit 2e1280b61ef9422c76491ab718ad8da105657097. * Explain why tts is stuck on an old version * Downgrade `rfd` to avoid problems with duplicate `windows` crate
2022-07-04 02:12:57 +08:00
{ name = "rfd" }, # example dependency
{ name = "three-d" }, # example dependency
]
[licenses]
unlicensed = "deny"
allow-osi-fsf-free = "neither"
confidence-threshold = 0.92 # We want really high confidence when inferring licenses from text
copyleft = "deny"
allow = [
"Apache-2.0", # https://tldrlegal.com/license/apache-license-2.0-(apache-2.0)
"BSD-2-Clause", # https://tldrlegal.com/license/bsd-2-clause-license-(freebsd)
"BSD-3-Clause", # https://tldrlegal.com/license/bsd-3-clause-license-(revised)
"BSL-1.0", # https://tldrlegal.com/license/boost-software-license-1.0-explained
"CC0-1.0", # https://creativecommons.org/publicdomain/zero/1.0/
"ISC", # https://tldrlegal.com/license/-isc-license
"LicenseRef-UFL-1.0", # https://tldrlegal.com/license/ubuntu-font-license,-1.0 - no official SPDX, see https://github.com/emilk/egui/issues/2321
"MIT", # https://tldrlegal.com/license/mit-license
"MPL-2.0", # https://www.mozilla.org/en-US/MPL/2.0/FAQ/ - see Q11
"OFL-1.1", # https://spdx.org/licenses/OFL-1.1.html
"OpenSSL", # https://www.openssl.org/source/license.html
"Unicode-DFS-2016", # https://spdx.org/licenses/Unicode-DFS-2016.html
"Zlib", # https://tldrlegal.com/license/zlib-libpng-license-(zlib)
]
[[licenses.clarify]]
name = "webpki"
expression = "ISC"
license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
[[licenses.clarify]]
name = "ring"
expression = "MIT AND ISC AND OpenSSL"
license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]