Releases: EmbarkStudios/cargo-deny
Releases Β· EmbarkStudios/cargo-deny
0.14.20
Fixed
- PR#642 resolved #641 by pinning
gix-transport
(and its unique dependencies) to 0.41.2 as a workaround forcargo install
not using the lockfile. See this issue for more information.
0.14.19
0.14.18
0.14.17
0.14.16
0.14.15
0.14.14
0.14.13
0.14.12
Changed
- PR#605 did a major refactor of configuration, both how it is deserialized and changing (hopefully improving) many options.
- PR#605 moved
targets
,exclude
,all-features
,features
,no-default-features
, andexclude
into the[graph]
table. - PR#605 moved
feature-depth
into the[output]
table.
Added
- PR#613 added support for basic shell expansion to
advisories.db-path
, which expands support beyond just~
to include environment variable expansion.
Fixed
- PR#601 resolved #600 by outputting the correct spans when a license was both allowed and denied.
- PR#605 resolved #264 be replacing
toml
andserde
withtoml-span
. - PR#605 resolved #539 by simplifying the very common
name = "<crate_name>", version = "<requirements>"
used to target specific crates into either a plain package spec string or the simplercrate = "<package spec>"
. - PR#605 resolved #578 by adding a
reason = "<reason>"
field to many fields within the configuration that are provided in diagnostics.[bans.deny]
also has an additionaluse-instead = "<url/crate_name>"
. PR#610 did this for theadvisories.ignore
field. - PR#605 resolved #579 by allowing yanked crates to be ignored by specifying a PackageSpec in the
[advisories.ignore]
array.
Deprecated
- PR#606 and PR#611 together deprecated several fields listed below. See PR#611 for how to change your config to opt-in to the new behavior that will become the default when the deprecated fields are removed in a future minor version.
[advisories]
vulnerability
unmaintained
unsound
notice
severity-threshold
[licenses]
unlicensed
allow-osi-fsf-free
copyleft
default
deny