diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 82094815d..955344727 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -221,7 +221,7 @@ jobs: steps: - uses: taiki-e/checkout-action@v1 - - uses: EmbarkStudios/cargo-deny-action@v1 + - uses: EmbarkStudios/cargo-deny-action@v2 with: command: check log-level: error diff --git a/Cargo.toml b/Cargo.toml index 06d5ba972..4169b2871 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,7 +14,17 @@ rust-version.workspace = true repository.workspace = true license.workspace = true edition.workspace = true -exclude = ["/.cargo"] +include = [ + "/build.rs", + "/docs", + "/examples", + "/FEATURES.md", + "/LICENSE", + "/src", + "!/src/platform_impl/web/script", + "/src/platform_impl/web/script/**/*.min.js", + "/tests", +] [package.metadata.docs.rs] features = [ diff --git a/deny.toml b/deny.toml index 27fe32cd0..4fcc44162 100644 --- a/deny.toml +++ b/deny.toml @@ -1,15 +1,20 @@ -# https://embarkstudios.github.io/cargo-deny/ +# https://embarkstudios.github.io/cargo-deny # cargo install cargo-deny -# cargo update && cargo deny --all-features --log-level error --target aarch64-apple-ios check +# cargo update && cargo deny --target aarch64-apple-ios check # Note: running just `cargo deny check` without a `--target` will result in # false positives due to https://github.com/EmbarkStudios/cargo-deny/issues/324 +[graph] +all-features = true +exclude-dev = true targets = [ { triple = "aarch64-apple-ios" }, { triple = "aarch64-linux-android" }, { triple = "i686-pc-windows-gnu" }, { triple = "i686-pc-windows-msvc" }, { triple = "i686-unknown-linux-gnu" }, - { triple = "wasm32-unknown-unknown" }, + { triple = "wasm32-unknown-unknown", features = [ + "atomics", + ] }, { triple = "x86_64-apple-darwin" }, { triple = "x86_64-apple-ios" }, { triple = "x86_64-pc-windows-gnu" }, @@ -18,45 +23,65 @@ targets = [ { triple = "x86_64-unknown-redox" }, ] - -[advisories] -vulnerability = "deny" -unmaintained = "warn" -yanked = "deny" -ignore = [] - +[licenses] +allow = [ + "Apache-2.0", # https://tldrlegal.com/license/apache-license-2.0-(apache-2.0) + "BSD-2-Clause", # https://tldrlegal.com/license/bsd-2-clause-license-(freebsd) + "BSD-3-Clause", # https://tldrlegal.com/license/bsd-3-clause-license-(revised) + "ISC", # https://tldrlegal.com/license/-isc-license + "MIT", # https://tldrlegal.com/license/mit-license + "Unicode-DFS-2016", # https://spdx.org/licenses/Unicode-DFS-2016.html +] +confidence-threshold = 1.0 +private = { ignore = true } [bans] multiple-versions = "deny" -wildcards = "allow" # at least until https://github.com/EmbarkStudios/cargo-deny/issues/241 is fixed -deny = [] skip = [ - { name = "raw-window-handle" }, # we intentionally have multiple versions of this - { name = "bitflags" }, # the ecosystem is in the process of migrating. + { crate = "raw-window-handle", reason = "we depend on multiple behind features" } + { crate = "bitflags@1", reason = "the ecosystem is in the process of migrating" } ] -skip-tree = [] +wildcards = "allow" # at least until https://github.com/EmbarkStudios/cargo-deny/issues/241 is fixed +[bans.build] +include-archives = true +interpreted = "deny" -[licenses] -private = { ignore = true } -unlicensed = "deny" -allow-osi-fsf-free = "neither" -confidence-threshold = 0.92 # We want really high confidence when inferring licenses from text -copyleft = "deny" +[[bans.build.bypass]] allow = [ - "Apache-2.0 WITH LLVM-exception", # https://spdx.org/licenses/LLVM-exception.html - "Apache-2.0", # https://tldrlegal.com/license/apache-license-2.0-(apache-2.0) - "BSD-2-Clause", # https://tldrlegal.com/license/bsd-2-clause-license-(freebsd) - "BSD-3-Clause", # https://tldrlegal.com/license/bsd-3-clause-license-(revised) - "BSL-1.0", # https://tldrlegal.com/license/boost-software-license-1.0-explained - "CC0-1.0", # https://creativecommons.org/publicdomain/zero/1.0/ - "ISC", # https://tldrlegal.com/license/-isc-license - "LicenseRef-UFL-1.0", # https://tldrlegal.com/license/ubuntu-font-license,-1.0 - no official SPDX, see https://github.com/emilk/egui/issues/2321 - "MIT-0", # https://choosealicense.com/licenses/mit-0/ - "MIT", # https://tldrlegal.com/license/mit-license - "MPL-2.0", # https://www.mozilla.org/en-US/MPL/2.0/FAQ/ - see Q11. Used by webpki-roots on Linux. - "OFL-1.1", # https://spdx.org/licenses/OFL-1.1.html - "OpenSSL", # https://www.openssl.org/source/license.html - used on Linux - "Unicode-DFS-2016", # https://spdx.org/licenses/Unicode-DFS-2016.html - "Zlib", # https://tldrlegal.com/license/zlib-libpng-license-(zlib) + { path = "generate-bindings.sh", checksum = "268ec23248218d779e33853cdc60e2985e70214ff004716cd734270de1f6b561" }, ] +crate = "android-activity" + +[[bans.build.bypass]] +allow-globs = ["freetype2/*"] +crate = "freetype-sys" + +[[bans.build.bypass]] +allow = [ + { path = "releases/friends.sh", checksum = "f896ccdcb8445d29ed6dd0d9a360f94d4f33af2f1cc9965e7bb38b156c45949d" }, +] +crate = "wasm-bindgen" + +[[bans.build.bypass]] +allow = [ + { path = "ui-tests/update-all-references.sh", checksum = "8b8dbf31e7ada1314956db7a20ab14b13af3ae246a6295afdc7dc96af8ec3773" }, + { path = "ui-tests/update-references.sh", checksum = "65375c25981646e08e8589449a06be4505b1a2c9e10d35f650be4b1b495dff22" }, +] +crate = "wasm-bindgen-macro" + +[[bans.build.bypass]] +allow-globs = ["lib/*.a"] +crate = "windows_i686_gnu" + +[[bans.build.bypass]] +allow-globs = ["lib/*.lib"] +crate = "windows_i686_msvc" + +[[bans.build.bypass]] +allow-globs = ["lib/*.a"] +crate = "windows_x86_64_gnu" + +[[bans.build.bypass]] +allow-globs = ["lib/*.lib"] +crate = "windows_x86_64_msvc"