ci: move deny to ci (#233)

DaniPopes · web-flow · commit 2ab992d6efb3 · 2024-12-09T16:43:33.000+01:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -105,3 +105,6 @@ jobs:
         with:
           components: rustfmt
       - run: cargo fmt --all --check
+
+  deny:
+    uses: ithacaxyz/ci/.github/workflows/deny.yml@main
diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml
diff --git a/crates/compilers/Cargo.toml b/crates/compilers/Cargo.toml
@@ -35,7 +35,7 @@ tokio = { workspace = true, optional = true }
 auto_impl = "1"
 winnow = "0.6"
 dyn-clone = "1"
-derivative = "2.2"
+derive_more = { version = "1", features = ["debug"] }
 home = "0.5"
 dirs = "5.0"
 itertools = "0.13"
diff --git a/crates/compilers/src/lib.rs b/crates/compilers/src/lib.rs
@@ -48,7 +48,6 @@ pub use foundry_compilers_core::{error, utils};
 use cache::CompilerCache;
 use compile::output::contracts::VersionedContracts;
 use compilers::multi::MultiCompiler;
-use derivative::Derivative;
 use foundry_compilers_artifacts::{
     output_selection::OutputSelection,
     solc::{
@@ -67,8 +66,7 @@ use std::{
 };
 
 /// Represents a project workspace and handles `solc` compiling of all contracts in that workspace.
-#[derive(Clone, Derivative)]
-#[derivative(Debug)]
+#[derive(Clone, derive_more::Debug)]
 pub struct Project<
     C: Compiler = MultiCompiler,
     T: ArtifactOutput<CompilerContract = C::CompilerContract> = ConfigurableArtifacts,
@@ -110,7 +108,7 @@ pub struct Project<
     /// This is a noop on other platforms
     pub slash_paths: bool,
     /// Optional sparse output filter used to optimize compilation.
-    #[derivative(Debug = "ignore")]
+    #[debug(skip)]
     pub sparse_output: Option<Box<dyn FileFilter>>,
 }
 
diff --git a/deny.toml b/deny.toml
@@ -1,44 +1,17 @@
-# This section is considered when running `cargo deny check advisories`
-# More documentation for the advisories section can be found here:
-# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
 [advisories]
-vulnerability = "deny"
-unmaintained = "warn"
-unsound = "warn"
+version = 2
 yanked = "warn"
-notice = "warn"
+ignore = []
 
-# This section is considered when running `cargo deny check bans`.
-# More documentation about the 'bans' section can be found here:
-# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
 [bans]
-# Lint level for when multiple versions of the same crate are detected
 multiple-versions = "warn"
-# Lint level for when a crate version requirement is `*`
 wildcards = "deny"
 highlight = "all"
-# List of crates to deny
-deny = [
-    # Each entry the name of a crate and a version range. If version is
-    # not specified, all versions will be matched.
-    #{ name = "ansi_term", version = "=0.11.0" },
-]
-# Certain crates/versions that will be skipped when doing duplicate detection.
-skip = []
-# Similarly to `skip` allows you to skip certain crates during duplicate
-# detection. Unlike skip, it also includes the entire tree of transitive
-# dependencies starting at the specified crate, up to a certain depth, which is
-# by default infinite
-skip-tree = []
 
 [licenses]
-unlicensed = "deny"
 confidence-threshold = 0.9
 # copyleft = "deny"
 
-# List of explicitly allowed licenses
-# See https://spdx.org/licenses/ for list of possible licenses
-# [possible values: any SPDX 3.7 short identifier (+ optional exception)].
 allow = [
     "MIT",
     "MIT-0",
@@ -48,26 +21,22 @@ allow = [
     "BSD-3-Clause",
     "ISC",
     "Unicode-DFS-2016",
+    "Unicode-3.0",
     "Unlicense",
     "MPL-2.0",
+    "Zlib",
+    "BSL-1.0",
     # https://github.com/briansmith/ring/issues/902
     "LicenseRef-ring",
     # https://github.com/briansmith/webpki/issues/148
     "LicenseRef-webpki",
-    "BSL-1.0",
-    "Unicode-3.0",
-    "Zlib",
 ]
 
-# Allow 1 or more licenses on a per-crate basis, so that particular licenses
-# aren't accepted for every possible crate as with the normal allow list
 exceptions = [
     # CC0 is a permissive license but somewhat unclear status for source code
     # so we prefer to not have dependencies using it
     # https://tldrlegal.com/license/creative-commons-cc0-1.0-universal
     { allow = ["CC0-1.0"], name = "tiny-keccak" },
-    { allow = ["CC0-1.0"], name = "trezor-client" },
-    { allow = ["CC0-1.0"], name = "constant_time_eq" },
 ]
 
 [[licenses.clarify]]
@@ -80,18 +49,7 @@ name = "webpki"
 expression = "LicenseRef-webpki"
 license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
 
-[[licenses.clarify]]
-name = "rustls-webpki"
-expression = "LicenseRef-webpki"
-license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
-
-# This section is considered when running `cargo deny check sources`.
-# More documentation about the 'sources' section can be found here:
-# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html
 [sources]
-# Lint level for what to happen when a crate from a crate registry that is not
-# in the allow list is encountered
 unknown-registry = "deny"
-# Lint level for what to happen when a crate from a git repository that is not
-# in the allow list is encountered
-unknown-git = "deny"
+unknown-git = "deny"
+allow-git = []
