From f7ae0bc3fd2e288fc1c51ccb29d2178fd119709c Mon Sep 17 00:00:00 2001 From: Jordan Doyle Date: Tue, 12 Nov 2024 23:12:59 +0000 Subject: [PATCH] Add cargo-deny --- Cargo.lock | 15 +++------------ Cargo.toml | 2 +- deny.toml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ .github/workflows/ci.yml | 12 ++++++++++-- 4 files changed, 64 insertions(+), 16 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f76cb64..a9dd069 100644 --- a/Cargo.lock +++ a/Cargo.lock @@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 4 +version = 3 [[package]] name = "addr2line" @@ -205,7 +205,7 @@ "bitflags", "cexpr", "clang-sys", - "itertools 0.12.1", + "itertools", "lazy_static", "lazycell", "proc-macro2", @@ -1823,15 +1823,6 @@ ] [[package]] -name = "itertools" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186" -dependencies = [ - "either", -] - -[[package]] name = "itoa" version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2521,7 +2512,7 @@ "gix", "httparse", "humantime", - "itertools 0.13.0", + "itertools", "kanal", "md5", "moka", diff --git a/Cargo.toml b/Cargo.toml index fd925a4..0bc333e 100644 --- a/Cargo.toml +++ a/Cargo.toml @@ -42,7 +42,7 @@ ] } httparse = "1.9" humantime = "2.1" -itertools = "0.13.0" +itertools = "0.12.1" kanal = "0.1.0-pre8" md5 = "0.7" moka = { version = "0.12.0", features = ["future"] } diff --git a/deny.toml b/deny.toml new file mode 100644 index 0000000..19ac81d 100644 --- /dev/null +++ a/deny.toml @@ -1,0 +1,51 @@ +[graph] +targets = [] +all-features = false +no-default-features = false + +[output] +feature-depth = 1 + +[advisories] +ignore = [] + +[licenses] +allow = [ + "MIT", + "Apache-2.0", + "Unicode-3.0", + "Unicode-DFS-2016", + "WTFPL", + "BSL-1.0", + "CC0-1.0", + "BSD-3-Clause", + "ISC", + "Zlib", + "BSD-2-Clause", +] +confidence-threshold = 0.8 +exceptions = [] + +[bans] +multiple-versions = "warn" +wildcards = "allow" +highlight = "all" +workspace-default-features = "allow" +external-default-features = "allow" +allow = [] +deny = [] +skip = [ + { crate = "sync_wrapper@0.1.2", reason = "tower has not upgraded to 1.0 yet" }, + { crate = "windows-sys@0.52.0", reason = "gix pulls in two separate versions" }, + { crate = "hashbrown@0.14.5", reason = "gix has not upgraded their version of dashmap" }, +] +skip-tree = [ + { name = "matchers", reason = "tracing-subscriber's env-filter pulls in an ancient regex version" } +] + +[sources] +unknown-registry = "warn" +unknown-git = "warn" +allow-registry = ["https://github.com/rust-lang/crates.io-index"] +allow-git = [] + diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cb38fcf..e147f96 100644 --- a/.github/workflows/ci.yml +++ a/.github/workflows/ci.yml @@ -7,7 +7,7 @@ name: Check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: actions-rs/toolchain@v1 with: profile: minimal @@ -36,7 +36,7 @@ name: Rustfmt runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: actions-rs/toolchain@v1 with: profile: minimal @@ -47,11 +47,17 @@ with: command: fmt + cargo-deny: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: EmbarkStudios/cargo-deny-action@v1 + clippy: name: Clippy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: actions-rs/toolchain@v1 with: profile: minimal -- rgit 0.1.3