[advisories]
db-path = "~/.cargo/advisory-db"
db-urls = ["https://github.com/rustsec/advisory-db"]
vulnerability = "deny"
unmaintained = "warn"
yanked = "deny"
notice = "warn"
# ignore = [
#     # jsonwebtoken v7 pulls in bad versions of `time`/`chrono`. Waiting on jsonwebtoken v8.
#     "RUSTSEC-2020-0071",
#     "RUSTSEC-2020-0159",
# ]

[licenses]
unlicensed = "deny"
allow = [
    "Apache-2.0",
    "MIT",
]
deny = []
copyleft = "deny"
allow-osi-fsf-free = "neither"
default = "deny"
confidence-threshold = 0.8
exceptions = []

[[licenses.clarify]]
name = "ring"
version = "*"
expression = "MIT AND ISC AND OpenSSL"
license-files = [
    { path = "LICENSE", hash = 0xbd0eed23 },
]

[[licenses.clarify]]
name = "encoding_rs"
version = "*"
expression = "(Apache-2.0 OR MIT) AND BSD-3-Clause"
license-files = [
    { path = "COPYRIGHT", hash = 0x39f8ad31 },
]

[bans]
multiple-versions = "deny"
wildcards = "deny"
highlight = "all"
deny = []
skip-tree = []

[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
allow-git = []