38 lines
1.1 KiB
TOML
38 lines
1.1 KiB
TOML
|
# Generated by dev-system/ci
|
||
|
|
# cargo-audit configuration for security vulnerability scanning
|
||
|
|
|
||
|
|
# Database configuration
|
||
|
|
[advisories]
|
||
|
|
# The database path
|
||
|
|
db-path = "~/.cargo/advisory-db"
|
||
|
|
|
||
|
|
# Advisory database URLs
|
||
|
|
db-urls = ["https://github.com/rustsec/advisory-db"]
|
||
|
|
|
||
|
|
# How to handle different kinds of advisories
|
||
|
|
# "allow" - Pass the check despite the warning
|
||
|
|
# "warn" - Pass the check but warn about the issue
|
||
|
|
# "deny" - Fail the check
|
||
|
|
deny = ["unmaintained", "unsound", "yanked"]
|
||
|
|
|
||
|
|
# Specific vulnerability IDs to ignore (in case of false positives)
|
||
|
|
# You can use: https://rustsec.org/
|
||
|
|
ignore = [
|
||
|
|
# Example: { id = "RUSTSEC-2023-XXXX", reason = "Not applicable to our use case" }
|
||
|
|
]
|
||
|
|
|
||
|
|
# How to handle vulnerabilities based on severity
|
||
|
|
[output]
|
||
|
|
# Deny on high severity vulnerabilities
|
||
|
|
deny = ["high", "critical"]
|
||
|
|
# Warn on medium severity vulnerabilities
|
||
|
|
warn = ["medium", "low"]
|
||
|
|
# Advisory format: "terminal", "json"
|
||
|
|
format = "terminal"
|
||
|
|
|
||
|
|
# Target configuration
|
||
|
|
[target]
|
||
|
|
# Check only specific targets
|
||
|
|
# Uncomment to restrict to specific target triples
|
||
|
|
# triple = "x86_64-unknown-linux-gnu"
|