# Configuration documentation:
#   https://embarkstudios.github.io/cargo-deny/index.html

[advisories]
vulnerability = "deny"
yanked = "deny"
unmaintained = "warn"
notice = "warn"
ignore = [
    # title: Potential segfault in the time crate
    # why needed: used by `chrono`
    # upstream issue: https://github.com/chronotope/chrono/issues/553
    "RUSTSEC-2020-0071",

    # potential unalinged read in atty
    # https://rustsec.org/advisories/RUSTSEC-2021-0145
    # Acceptable because only dependencies are dev/test (not used in prod code).
    "RUSTSEC-2021-0145",
]
git-fetch-with-cli = true

[licenses]
default = "allow"
unlicensed = "allow"
copyleft = "allow"

[sources.allow-org]
github = ["influxdata", "apache"]

[bans]
multiple-versions = "warn"
deny = [
    # We are using rustls as the TLS implementation, so we shouldn't be linking
    # in OpenSSL too.
    #
    # If you're hitting this, you might want to take a look at what new
    # dependencies you have introduced and check if there's a way to depend on
    # rustls instead of OpenSSL (tip: check the crate's feature flags).
    { name = "openssl-sys" }
]