deny.toml

[licenses]
allow = ["Apache-2.0", "Apache-2.0 WITH LLVM-exception", "MIT",
         "BSD-3-Clause", "BSD-2-Clause", "Zlib",
         "Unlicense", "CC0-1.0", "BSL-1.0",
         "Unicode-DFS-2016", "Unicode-3.0"]
private = { ignore = true }

[[bans.deny]]
# We want to require FIPS validation downstream, so we use openssl
name = "ring"

[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-git = ["https://github.com/containers/composefs-rs"]
Initial code split from https://github.com/ostreedev/ostree-rs-ext/pull/412 Prep for potentially moving to github.com/containers/bootc 2022-11-30 13:18:17 -05:00			`[licenses]`
deny: Sync with rpm-ostree We should really have a more centrally-maintained `cargo-deny` configuration. I'd argue to maintain it here in bootc to start, but this will be a common thing for other projects in github.com/containers and elsewhere. Anyways, this needed updating for the new Unicode-3.0 license in some updated unicode crates that I saw in rpm-ostree. While we're here, quiet the duplicate crate warning in the CI job, as it's just noise. Keep it when running locally so we have some visibility if we care about it. Signed-off-by: Colin Walters <walters@verbum.org> 2025-01-16 08:48:05 -05:00			`allow = ["Apache-2.0", "Apache-2.0 WITH LLVM-exception", "MIT",`
			`"BSD-3-Clause", "BSD-2-Clause", "Zlib",`
various: adapt to new composefs-rs fsverity API Bump our composefs-rs version and adjust to the API changes there. Also, add "BSL-1.0" (Boost Software Licence, OSI/FSF approved) to our allowed licence lists: it's used by xxhash-rust. Signed-off-by: Allison Karlitskaya <allison.karlitskaya@redhat.com> 2025-04-11 14:13:28 +02:00			`"Unlicense", "CC0-1.0", "BSL-1.0",`
deny: Sync with rpm-ostree We should really have a more centrally-maintained `cargo-deny` configuration. I'd argue to maintain it here in bootc to start, but this will be a common thing for other projects in github.com/containers and elsewhere. Anyways, this needed updating for the new Unicode-3.0 license in some updated unicode crates that I saw in rpm-ostree. While we're here, quiet the duplicate crate warning in the CI job, as it's just noise. Keep it when running locally so we have some visibility if we care about it. Signed-off-by: Colin Walters <walters@verbum.org> 2025-01-16 08:48:05 -05:00			`"Unicode-DFS-2016", "Unicode-3.0"]`
			`private = { ignore = true }`
Initial code split from https://github.com/ostreedev/ostree-rs-ext/pull/412 Prep for potentially moving to github.com/containers/bootc 2022-11-30 13:18:17 -05:00
deny: Add ring We want to require FIPS validation downstream, so we use openssl. Signed-off-by: Colin Walters <walters@verbum.org> 2023-09-29 17:06:05 -04:00			`[[bans.deny]]`
			`# We want to require FIPS validation downstream, so we use openssl`
			`name = "ring"`
Initial code split from https://github.com/ostreedev/ostree-rs-ext/pull/412 Prep for potentially moving to github.com/containers/bootc 2022-11-30 13:18:17 -05:00
			`[sources]`
			`unknown-registry = "deny"`
			`unknown-git = "deny"`
lib: Depend on composefs-rs And expose some fsverity helpers. This is just to get the ball rolling on integration. Signed-off-by: Colin Walters <walters@verbum.org> 2025-02-01 13:23:33 -05:00			`allow-git = ["https://github.com/containers/composefs-rs"]`