secretumvault/deny.toml


# Generated by dev-system/ci
# Configuration for cargo-deny
# See: https://embarkstudios.github.io/cargo-deny/
[advisories]
# Advisory checks: the dependency graph is compared against the advisory
# database fetched from db-urls and cached at db-path.
# The path where the advisory database is cloned/fetched into
db-path = "~/.cargo/advisory-db"
# The url(s) of the advisory databases to use
db-urls = ["https://github.com/rustsec/advisory-db"]
# How to handle crates with security vulnerabilities.
# "deny" makes a matching vulnerability advisory fail the check.
# NOTE(review): newer cargo-deny releases deprecated this key and treat
# vulnerabilities as always denied. Confirm it is still accepted by the
# cargo-deny version CI runs.
vulnerability = "deny"
# How to handle unmaintained crates.
# "warn" reports the advisory without failing the check, so an unmaintained
# dependency does not block a build on its own.
# NOTE(review): newer cargo-deny releases changed the accepted values for this
# key. Verify against the version in use.
unmaintained = "warn"
# How to handle crates that have been yanked from crates.io.
# "warn" reports a yanked version in the lockfile without failing the check.
# A yank is often the first signal of a bad release, so these warnings are
# worth reviewing.
yanked = "warn"
[licenses]
# License policy: explicit allow and deny lists, plus fallback lint levels for
# licenses that match neither list.
# NOTE(review): newer cargo-deny releases deprecated `unlicensed`, `deny`,
# `copyleft`, `allow-osi-fsf-free` and `default` in favour of an allow-list-only
# model. Confirm the cargo-deny version CI runs still honours them.
# The lint level for crates which do not have a detectable license
unlicensed = "deny"
# List of explicitly allowed licenses (SPDX identifiers)
allow = [
"MIT",
"MIT-0",
"Apache-2.0",
"Apache-2.0 WITH LLVM-exception",
"BSD-2-Clause",
"BSD-3-Clause",
"ISC",
"Unicode-DFS-2016",
]
# List of explicitly disallowed licenses (SPDX identifiers)
# NOTE(review): confirm that the `-only` / `-or-later` variants of these GNU
# identifiers are matched as intended by the cargo-deny version in use.
deny = [
"GPL-2.0",
"GPL-3.0",
"AGPL-3.0",
]
# Lint level for licenses considered copyleft.
# "warn" reports copyleft licenses that are not in the deny list above without
# failing the check.
copyleft = "warn"
# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses.
# "both" accepts a license only when it is OSI-approved AND FSF Free/Libre.
# This widens acceptance beyond the explicit allow list above, so the effective
# set of accepted licenses is larger than the eight entries listed there.
allow-osi-fsf-free = "both"
# Lint level used when no other predicates are matched.
# "deny" makes the policy fail closed for any license not covered above.
default = "deny"
[bans]
# Crate-level bans and duplicate-version detection.
# Lint level for when multiple versions of the same crate are detected.
# "warn" reports duplicates without failing the check.
multiple-versions = "warn"
# Crates that are explicitly allowed. This is a list, not a lint level.
# It is empty here, so no allow-list restriction applies. If any entry is added,
# cargo-deny treats every crate NOT in the list as denied.
allow = [
# Each entry can be just the name and an optional wildcard version.
# This would ideally be pulled from Cargo.lock deps to keep up to date
# but that is more complex. It depends on the use case.
]
# Crates that are banned outright. Empty here, so no crate is banned by name.
deny = [
# Each entry is a crate name. Optionally with a version
]
# Certain crates/versions that will be skipped when doing duplicate detection
skip = [
# { name = "ansi_term", version = "<= 0.11.0" }
]
# Crates whose whole dependency subtree is excluded from duplicate detection:
# the named crate and everything it pulls in transitively.
skip-tree = [
# { name = "windows", version = "<=0.46.0" }
]
[sources]
# Source policy: restricts where crates may be fetched from. With both lint
# levels set to "deny", any crate from a registry or Git repository outside the
# allow lists below fails the check.
# Lint level for what to happen when a crate from a crate registry that is not in the allow list is detected
unknown-registry = "deny"
# Lint level for what to happen when a crate from a Git repository that is not in the allow list is detected
unknown-git = "deny"
# The allow list of crate registries (only the crates.io index is permitted)
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
# The allow list of Git repositories.
# Empty: combined with unknown-git = "deny", every Git-sourced dependency is
# rejected until its repository URL is added here.
allow-git = []