[advisories]
# cargo-audit handles these. In the case where we have to temporarily allow
# some unmaintained/yanked crates, we'll do that in .cargo/audit.toml.
unmaintained = "allow"
yanked = "allow"
notice = "deny"

[licenses]
allow = [
    "Apache-2.0",
    "ISC",
    "LicenseRef-ring",
    "MIT",
]
confidence-threshold = 1.0

[[licenses.clarify]]
name = "ring"
expression = "LicenseRef-ring"
license-files = [
    { path = "LICENSE", hash = 0xbd0eed23 },
]

[bans]
# We don't maintain a fixed Cargo.lock so enforcing
# `multiple-versions = "deny"` is impractical.
multiple-versions = "allow"
wildcards = "deny"

[sources]
unknown-registry = "deny"
unknown-git = "deny"