Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove deprecated deny.toml fields #405

Merged
merged 1 commit into from
Sep 2, 2024
Merged

Remove deprecated deny.toml fields #405

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 14 additions & 24 deletions deny.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,27 +1,16 @@
[licenses]
# The lint level for crates which do not have a detectable license
unlicensed = "deny"

# List of explictly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
allow = ["MPL-2.0"]

# List of explictly disallowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
deny = []

# The lint level for licenses considered copyleft
copyleft = "deny"

# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses
# * both - The license will only be approved if it is both OSI-approved *AND* FSF/Free
# * either - The license will be approved if it is either OSI-approved *OR* FSF/Free
# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF/Free
# * fsf-only - The license will be approved if is FSF/Free *AND NOT* OSI-approved
# * neither - The license will be denied if is FSF/Free *OR* OSI-approved
allow-osi-fsf-free = "either"
allow = [
"Apache-2.0",
"BSD-2-Clause",
"BSD-3-Clause",
"EPL-2.0",
"MIT",
"MPL-2.0",
"Unicode-DFS-2016"
Comment on lines +6 to +12
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Unicode-DFS-2016 is only OSI approved, all other licenses are both FSF Free/Libre and OSI approved (https://spdx.org/licenses/).

Apparently the MPL-2.0 and EPL-2.0 are weak copyleft licenses. You only added the licenses to the list that are already required with the current dependencies but I thought it'd be a good idea to double-check this now. The MPL-2.0 uses "file-level" copyleft so that should be fine for us (https://www.mozilla.org/en-US/MPL/2.0/FAQ/). The EPL-2.0 only seems to feature some "limited"/weaker ("buisness-friendly") copyleft so it should be fine as well (https://en.wikipedia.org/wiki/Eclipse_Public_License).

cc @christophprokop

]

# The confidence threshold for detecting a license from license text.
# The higher the value, the more closely the license text must be to the
Expand All @@ -48,16 +37,17 @@ allow = [
deny = [
# Each entry the name of a crate and a version range. If version is
# not specified, all versions will be matched.
{ name = "fuchsia-cprng" }
{ crate = "fuchsia-cprng" }
]

# Certain crates/versions that will be skipped when doing duplicate detection.
skip = [
]

# Similarly to `skip` allows you to skip certain crates during duplicate detection,
# unlike skip, it also includes the entire tree of transitive dependencies starting at
# the specified crate, up to a certain depth, which is by default infinite
# Similarly to `skip` allows you to skip certain crates during duplicate
# detection. Unlike skip, it also includes the entire tree of transitive
# dependencies starting at the specified crate, up to a certain depth, which is
# by default infinite.
skip-tree = [
]

Expand Down