Skip to content

Commit b0d3671

Browse files
AlexD10SAlexD10S
authored
fix: update cargo-deny config for new advisories and licenses (#1006)
- Clean up advisory ignore list, remove resolved entries and add new ones - Add CDLA-Permissive-2.0 to allowed licenses - Add OpenSSL exception for aws-lc-sys - Bump git2 to 0.20.4 and git2_credentials to 0.15.0
1 parent 1d1283e commit b0d3671

File tree

3 files changed

+28
-23
lines changed

3 files changed

+28
-23
lines changed

Cargo.lock

Lines changed: 10 additions & 9 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ duct = { version = "0.13", default-features = false }
3131
env_logger = { version = "0.11.7", default-features = false }
3232
flate2 = "1.0.30"
3333
futures = { version = "0.3.30", default-features = false }
34-
git2 = { version = "0.18", default-features = true, features = ["vendored-openssl"] }
34+
git2 = { version = "0.20.4", default-features = true, features = ["vendored-openssl"] }
3535
glob = { version = "0.3.1", default-features = false }
3636
hex = { version = "0.4", default-features = false, features = ["std"] }
3737
jsonrpsee = { version = "0.24", default-features = false, features = ["server", "macros"] }
@@ -85,7 +85,7 @@ serde_json = { version = "1.0", default-features = false, features = ["preserve_
8585
serde = { version = "1.0", default-features = false, features = ["derive"] }
8686
zombienet-configuration = { version = "0.4.3", default-features = false }
8787
zombienet-sdk = { version = "0.4.3", default-features = false }
88-
git2_credentials = "0.13.0"
88+
git2_credentials = "0.15.0"
8989
cumulus-client-cli = { version = "0.26.0", default-features = false }
9090

9191
# benchmarking

deny.toml

Lines changed: 16 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -4,18 +4,17 @@ all-features = false
44
# This section is considered when running `cargo deny check advisories`
55
[advisories]
66
ignore = [
7-
{ id = "RUSTSEC-2024-0344", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/214" },
8-
{ id = "RUSTSEC-2024-0388", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/436" },
9-
{ id = "RUSTSEC-2024-0384", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/437" },
10-
{ id = "RUSTSEC-2020-0163", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/438" },
11-
{ id = "RUSTSEC-2024-0436", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/450" },
12-
{ id = "RUSTSEC-2025-0012", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/451" },
13-
{ id = "RUSTSEC-2024-0370", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/458" },
14-
{ id = "RUSTSEC-2022-0061", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/458" },
15-
{ id = "RUSTSEC-2020-0168", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/458" },
16-
{ id = "RUSTSEC-2024-0438", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/458" },
17-
{ id = "RUSTSEC-2023-0091", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/458" },
18-
{ id = "RUSTSEC-2024-0442", reason = "No upgrade available. Tracking the vulnerability: https://github.com/r0gue-io/pop-cli/issues/458" },
7+
{ id = "RUSTSEC-2024-0388", reason = "No upgrade available. Dependency of contract-extrinsics" },
8+
{ id = "RUSTSEC-2024-0384", reason = "No upgrade available. Dependency of zombienet-sdk" },
9+
{ id = "RUSTSEC-2020-0163", reason = "No upgrade available. Dependency of contract-extrinsics" },
10+
{ id = "RUSTSEC-2024-0436", reason = "No upgrade available. Dependency of contract-build" },
11+
{ id = "RUSTSEC-2025-0012", reason = "No upgrade available. Dependency of zombienet-sdk" },
12+
{ id = "RUSTSEC-2024-0370", reason = "No upgrade available. Dependency of polkadot-sdk" },
13+
{ id = "RUSTSEC-2022-0061", reason = "No upgrade available. Dependency of polkadot-sdk" },
14+
{ id = "RUSTSEC-2026-0006", reason = "No upgrade available. Dependency of polkadot-sdk" },
15+
{ id = "RUSTSEC-2025-0118", reason = "No upgrade available. Dependency of polkadot-sdk" },
16+
{ id = "RUSTSEC-2025-0134", reason = "No upgrade available. Dependency of zombienet-sdk" },
17+
{ id = "RUSTSEC-2026-0002", reason = "No upgrade available. Dependency of polkadot-sdk" },
1918
]
2019

2120
[licenses]
@@ -26,6 +25,7 @@ allow = [
2625
"BSD-2-Clause",
2726
"BSD-3-Clause",
2827
"CC0-1.0",
28+
"CDLA-Permissive-2.0",
2929
"ISC",
3030
"GPL-3.0",
3131
"GPL-3.0 WITH Classpath-exception-2.0", # For Substrate crates
@@ -44,6 +44,10 @@ confidence-threshold = 0.93
4444
allow = ["OpenSSL"]
4545
name = "ring"
4646

47+
[[licenses.exceptions]]
48+
allow = ["OpenSSL"]
49+
name = "aws-lc-sys"
50+
4751
[[licenses.clarify]]
4852
crate = "webpki"
4953
expression = "ISC"

0 commit comments

Comments
 (0)