65f7b05841
# Objective - CI fails due to `atomic-polyfill` being unmaintained ## Solution - Dependency chain of `postcard -> heapless -> atomic-polyfill` . `heapless` is updated. `postcard` has not yet. - See https://github.com/jamesmunns/postcard/issues/223 - Ignore the advisory for now ## Testing - CI with this PR --------- Co-authored-by: MichiRecRoom <1008889+LikeLakers2@users.noreply.github.com>
100 lines
2.3 KiB
TOML
100 lines
2.3 KiB
TOML
[graph]
|
|
all-features = true
|
|
|
|
[advisories]
|
|
version = 2
|
|
ignore = [
|
|
# paste was announced as unmaintained with no explanation or replacement
|
|
# See: https://rustsec.org/advisories/RUSTSEC-2024-0436
|
|
# Bevy relies on this in multiple indirect ways, so ignoring it is the only feasible current solution
|
|
"RUSTSEC-2024-0436",
|
|
# unmaintained: postcard -> heapless -> atomic-polyfill
|
|
# See https://github.com/jamesmunns/postcard/issues/223
|
|
"RUSTSEC-2023-0089",
|
|
]
|
|
|
|
[licenses]
|
|
version = 2
|
|
allow = [
|
|
"0BSD",
|
|
"Apache-2.0",
|
|
"Apache-2.0 WITH LLVM-exception",
|
|
"BSD-2-Clause",
|
|
"BSD-3-Clause",
|
|
"BSL-1.0",
|
|
"CC0-1.0",
|
|
"ISC",
|
|
"MIT",
|
|
"MIT-0",
|
|
"Unlicense",
|
|
"Zlib",
|
|
]
|
|
|
|
exceptions = [
|
|
{ name = "unicode-ident", allow = [
|
|
"Unicode-DFS-2016",
|
|
"Unicode-3.0",
|
|
] },
|
|
{ name = "symphonia", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-bundle-flac", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-bundle-mp3", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-codec-aac", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-codec-adpcm", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-codec-pcm", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-codec-vorbis", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-core", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-format-isomp4", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-format-riff", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-metadata", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
{ name = "symphonia-utils-xiph", allow = [
|
|
"MPL-2.0",
|
|
] },
|
|
]
|
|
|
|
[bans]
|
|
multiple-versions = "warn"
|
|
wildcards = "deny"
|
|
# Certain crates that we don't want multiple versions of in the dependency tree
|
|
deny = [
|
|
{ name = "ahash", deny-multiple-versions = true },
|
|
{ name = "android-activity", deny-multiple-versions = true },
|
|
{ name = "glam", deny-multiple-versions = true },
|
|
{ name = "raw-window-handle", deny-multiple-versions = true },
|
|
]
|
|
skip = [
|
|
{ name = "bevy_math", reason = "bevy_math has a path dev dependency on itself without a version" },
|
|
]
|
|
|
|
[sources]
|
|
unknown-registry = "deny"
|
|
unknown-git = "deny"
|
|
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|
|
allow-git = []
|
|
|
|
# thiserror is the preferred way to derive error types
|
|
[[bans.features]]
|
|
crate = "derive_more"
|
|
deny = ["error"]
|