mirror of
https://github.com/getnora-io/nora.git
synced 2026-04-12 20:50:31 +00:00
devitway
233b83f902
- gitleaks, cargo audit, trivy fs now block pipeline on findings - add smoke test (docker run + curl /health) in release workflow - deny.toml: add review date to RUSTSEC-2025-0119 ignore - remove unused validation functions (maven, npm, crate) - replace blanket #![allow(dead_code)] with targeted allows
41 lines
875 B
TOML
41 lines
875 B
TOML
# cargo-deny configuration
|
|
# https://embarkstudios.github.io/cargo-deny/
|
|
|
|
[advisories]
|
|
# Vulnerability database (RustSec)
|
|
db-urls = ["https://github.com/rustsec/advisory-db"]
|
|
ignore = [
|
|
"RUSTSEC-2025-0119", # number_prefix unmaintained via indicatif; no fix available. Review by 2026-06-15
|
|
]
|
|
|
|
[licenses]
|
|
# Allowed open-source licenses
|
|
allow = [
|
|
"MIT",
|
|
"Apache-2.0",
|
|
"Apache-2.0 WITH LLVM-exception",
|
|
"BSD-2-Clause",
|
|
"BSD-3-Clause",
|
|
"ISC",
|
|
"Unicode-DFS-2016",
|
|
"Unicode-3.0",
|
|
"CC0-1.0",
|
|
"OpenSSL",
|
|
"Zlib",
|
|
"CDLA-Permissive-2.0", # webpki-roots (CA certificates bundle)
|
|
"MPL-2.0",
|
|
]
|
|
|
|
[bans]
|
|
multiple-versions = "warn"
|
|
deny = [
|
|
{ name = "openssl-sys" },
|
|
{ name = "openssl" },
|
|
]
|
|
skip = []
|
|
|
|
[sources]
|
|
unknown-registry = "warn"
|
|
unknown-git = "warn"
|
|
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|