From 4a3759633b7eec6183d793031cbb72acd681986d Mon Sep 17 00:00:00 2001 From: Ajit Banerjee Date: Tue, 23 Jul 2024 14:42:23 -0700 Subject: [PATCH] Adding license checking using cargo-deny --- .github/workflows/commit.yml | 28 +++++++++++ deny.toml | 64 +++++++++++++++++++++++++ gitxet/Cargo.toml | 1 + libxet/Cargo.lock | 24 +++------- libxet/Cargo.toml | 1 + rust/cache/Cargo.toml | 1 + rust/cas_client/Cargo.toml | 1 + rust/chunkpipe/Cargo.toml | 1 + rust/common_constants/Cargo.toml | 1 + rust/data_analysis/Cargo.toml | 1 + rust/error_printer/Cargo.toml | 1 + rust/file_utils/Cargo.toml | 1 + rust/gitxetcore/Cargo.toml | 1 + rust/lazy/Cargo.toml | 3 +- rust/libmagic/Cargo.toml | 3 +- rust/mdb_shard/Cargo.toml | 1 + rust/merkledb/Cargo.toml | 1 + rust/merklehash/Cargo.toml | 1 + rust/parutils/Cargo.toml | 1 + rust/pointer_file/Cargo.toml | 3 +- rust/progress_reporting/Cargo.toml | 1 + rust/prometheus_dict_encoder/Cargo.toml | 1 + rust/retry_strategy/Cargo.toml | 1 + rust/shard_client/Cargo.toml | 1 + rust/tableau_summary/Cargo.toml | 1 + rust/utils/Cargo.toml | 1 + rust/xet_config/Cargo.toml | 1 + rust/xetblob/Cargo.toml | 1 + xetldfs/Cargo.lock | 24 +++------- xetldfs/Cargo.toml | 1 + 30 files changed, 135 insertions(+), 37 deletions(-) create mode 100644 deny.toml diff --git a/.github/workflows/commit.yml b/.github/workflows/commit.yml index 9766b379..4511ef1c 100644 --- a/.github/workflows/commit.yml +++ b/.github/workflows/commit.yml @@ -7,6 +7,34 @@ on: pull_request: jobs: + cargo-deny: + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + - uses: EmbarkStudios/cargo-deny-action@v1 + with: + log-level: warn + manifest-path: ./rust/Cargo.toml + command: check + command-arguments: "licenses" + - uses: EmbarkStudios/cargo-deny-action@v1 + with: + log-level: warn + manifest-path: ./gitxet/Cargo.toml + command: check + command-arguments: "licenses" + - uses: EmbarkStudios/cargo-deny-action@v1 + with: + log-level: warn + manifest-path: ./libxet/Cargo.toml + command: check + command-arguments: "licenses" + - uses: EmbarkStudios/cargo-deny-action@v1 + with: + log-level: warn + manifest-path: ./xetldfs/Cargo.toml + command: check + command-arguments: "licenses" build_and_test: strategy: fail-fast: false diff --git a/deny.toml b/deny.toml new file mode 100644 index 00000000..86ecd045 --- /dev/null +++ b/deny.toml @@ -0,0 +1,64 @@ +[graph] +targets = [ +] +no-default-features = false + +[output] +feature-depth = 1 + +[advisories] +ignore = [ +] +#git-fetch-with-cli = true + +[licenses] +copyleft = "deny" +allow = [ + "Apache-2.0", + "BSD-2-Clause", + "BSD-3-Clause", + "CC0-1.0", + "ISC", + "MIT", + "MPL-2.0", + "0BSD", + "Zlib", + "Unicode-DFS-2016", + "OpenSSL" +] +confidence-threshold = 0.8 +exceptions = [ +] + +[[licenses.clarify]] +crate = "ring" +expression = "MIT AND ISC AND OpenSSL" +license-files = [ + { path = "LICENSE", hash = 0xbd0eed23 } +] + + +[bans] +wildcards = "allow" +allow = [ +] +# List of crates to deny +deny = [ +] + + +skip = [ +] +skip-tree = [ +] + +[sources] +unknown-registry = "warn" +unknown-git = "warn" +allow-registry = ["https://github.com/rust-lang/crates.io-index"] +allow-git = [] + +[sources.allow-org] +github = [""] +gitlab = [""] +bitbucket = [""] diff --git a/gitxet/Cargo.toml b/gitxet/Cargo.toml index 7496c9ef..78198adf 100644 --- a/gitxet/Cargo.toml +++ b/gitxet/Cargo.toml @@ -3,6 +3,7 @@ name = "gitxet" version = "0.14.5" edition = "2021" resolver = "2" +license = "BSD-3-Clause" [[bin]] name = "git-xet" diff --git a/libxet/Cargo.lock b/libxet/Cargo.lock index 26f28ce7..da109c85 100644 --- a/libxet/Cargo.lock +++ b/libxet/Cargo.lock @@ -1391,10 +1391,10 @@ dependencies = [ "serde_with", "shard_client", "shellexpand", + "shellish_parse", "slog", "slog-async", "slog-json", - "snailquote", "sorted-vec", "static_assertions", "sysinfo", @@ -3669,6 +3669,12 @@ dependencies = [ "dirs 2.0.2", ] +[[package]] +name = "shellish_parse" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c29b912ad681a28566f37b936bba1f3580a93b9391c4a0b12cb1c6b4ed79973" + [[package]] name = "signal-hook" version = "0.3.17" @@ -3750,16 +3756,6 @@ version = "1.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" -[[package]] -name = "snailquote" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec62a949bda7f15800481a711909f946e1204f2460f89210eaf7f57730f88f86" -dependencies = [ - "thiserror", - "unicode_categories", -] - [[package]] name = "socket2" version = "0.5.7" @@ -4523,12 +4519,6 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" -[[package]] -name = "unicode_categories" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39ec24b3121d976906ece63c9daad25b85969647682eee313cb5779fdd69e14e" - [[package]] name = "untrusted" version = "0.7.1" diff --git a/libxet/Cargo.toml b/libxet/Cargo.toml index ad57498b..37c7cff3 100644 --- a/libxet/Cargo.toml +++ b/libxet/Cargo.toml @@ -2,6 +2,7 @@ name = "libxet" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [dependencies] gitxetcore = { path = "../rust/gitxetcore" } diff --git a/rust/cache/Cargo.toml b/rust/cache/Cargo.toml index 9bed6179..6f76a713 100644 --- a/rust/cache/Cargo.toml +++ b/rust/cache/Cargo.toml @@ -2,6 +2,7 @@ name = "cache" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/cas_client/Cargo.toml b/rust/cas_client/Cargo.toml index 76af76ae..fe958a1e 100644 --- a/rust/cas_client/Cargo.toml +++ b/rust/cas_client/Cargo.toml @@ -2,6 +2,7 @@ name = "cas_client" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [features] strict = [] diff --git a/rust/chunkpipe/Cargo.toml b/rust/chunkpipe/Cargo.toml index a992f3ff..bd70f17b 100644 --- a/rust/chunkpipe/Cargo.toml +++ b/rust/chunkpipe/Cargo.toml @@ -2,6 +2,7 @@ name = "chunkpipe" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/common_constants/Cargo.toml b/rust/common_constants/Cargo.toml index 85c0ae00..ec189aba 100644 --- a/rust/common_constants/Cargo.toml +++ b/rust/common_constants/Cargo.toml @@ -2,6 +2,7 @@ name = "common_constants" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/data_analysis/Cargo.toml b/rust/data_analysis/Cargo.toml index 3797c1ff..25ee0164 100644 --- a/rust/data_analysis/Cargo.toml +++ b/rust/data_analysis/Cargo.toml @@ -3,6 +3,7 @@ name = "data_analysis" version = "0.14.5" edition = "2021" description = "Single-pass algorithms to analyze (potentially large) data" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/error_printer/Cargo.toml b/rust/error_printer/Cargo.toml index 8811fa5a..2ae86691 100644 --- a/rust/error_printer/Cargo.toml +++ b/rust/error_printer/Cargo.toml @@ -2,6 +2,7 @@ name = "error_printer" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/file_utils/Cargo.toml b/rust/file_utils/Cargo.toml index 5a65780c..27dd9c95 100644 --- a/rust/file_utils/Cargo.toml +++ b/rust/file_utils/Cargo.toml @@ -2,6 +2,7 @@ name = "file_utils" version = "0.14.2" edition = "2021" +license = "BSD-3-Clause" [dependencies] colored = "2.0.0" diff --git a/rust/gitxetcore/Cargo.toml b/rust/gitxetcore/Cargo.toml index 96869423..47627e1f 100644 --- a/rust/gitxetcore/Cargo.toml +++ b/rust/gitxetcore/Cargo.toml @@ -2,6 +2,7 @@ name = "gitxetcore" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [profile.release] opt-level = 3 diff --git a/rust/lazy/Cargo.toml b/rust/lazy/Cargo.toml index 45cf5f76..c67bfa71 100644 --- a/rust/lazy/Cargo.toml +++ b/rust/lazy/Cargo.toml @@ -2,6 +2,7 @@ name = "lazy" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html @@ -12,4 +13,4 @@ tokio = { version = "1.36", features = ["full"] } lazy_static = "1.4.0" [dev-dependencies] -tempfile = "3" \ No newline at end of file +tempfile = "3" diff --git a/rust/libmagic/Cargo.toml b/rust/libmagic/Cargo.toml index abf50b38..7d3063da 100644 --- a/rust/libmagic/Cargo.toml +++ b/rust/libmagic/Cargo.toml @@ -2,6 +2,7 @@ name = "libmagic" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [lib] doctest = false @@ -13,4 +14,4 @@ serde = {version = "1.0.142", features = ["derive"] } serde_json = "1.0.83" tracing = "0.1.*" tracing-attributes = "0.1" -tracing-subscriber = {version = "0.3", features = ["tracing-log"]} \ No newline at end of file +tracing-subscriber = {version = "0.3", features = ["tracing-log"]} diff --git a/rust/mdb_shard/Cargo.toml b/rust/mdb_shard/Cargo.toml index b9c8f87d..3d751435 100644 --- a/rust/mdb_shard/Cargo.toml +++ b/rust/mdb_shard/Cargo.toml @@ -2,6 +2,7 @@ name = "mdb_shard" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/merkledb/Cargo.toml b/rust/merkledb/Cargo.toml index 508d3ec2..f466f2bb 100644 --- a/rust/merkledb/Cargo.toml +++ b/rust/merkledb/Cargo.toml @@ -2,6 +2,7 @@ name = "merkledb" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/merklehash/Cargo.toml b/rust/merklehash/Cargo.toml index a21f1104..20cc5072 100644 --- a/rust/merklehash/Cargo.toml +++ b/rust/merklehash/Cargo.toml @@ -2,6 +2,7 @@ name = "merklehash" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/parutils/Cargo.toml b/rust/parutils/Cargo.toml index f446d279..d6471519 100644 --- a/rust/parutils/Cargo.toml +++ b/rust/parutils/Cargo.toml @@ -2,6 +2,7 @@ name = "parutils" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/pointer_file/Cargo.toml b/rust/pointer_file/Cargo.toml index 8b37815c..d33fe38d 100644 --- a/rust/pointer_file/Cargo.toml +++ b/rust/pointer_file/Cargo.toml @@ -2,6 +2,7 @@ name = "pointer_file" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html @@ -12,4 +13,4 @@ merklehash = {path = "../merklehash"} gitxetcore = {path = "../gitxetcore"} [features] -strict = [] \ No newline at end of file +strict = [] diff --git a/rust/progress_reporting/Cargo.toml b/rust/progress_reporting/Cargo.toml index 106bfe47..439643e6 100644 --- a/rust/progress_reporting/Cargo.toml +++ b/rust/progress_reporting/Cargo.toml @@ -2,6 +2,7 @@ name = "progress_reporting" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [lib] path = "src/lib.rs" diff --git a/rust/prometheus_dict_encoder/Cargo.toml b/rust/prometheus_dict_encoder/Cargo.toml index f9e5d321..15fc930c 100644 --- a/rust/prometheus_dict_encoder/Cargo.toml +++ b/rust/prometheus_dict_encoder/Cargo.toml @@ -2,6 +2,7 @@ name = "prometheus_dict_encoder" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/retry_strategy/Cargo.toml b/rust/retry_strategy/Cargo.toml index c43bde06..720887db 100644 --- a/rust/retry_strategy/Cargo.toml +++ b/rust/retry_strategy/Cargo.toml @@ -2,6 +2,7 @@ name = "retry_strategy" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [features] strict = [] diff --git a/rust/shard_client/Cargo.toml b/rust/shard_client/Cargo.toml index 417b3470..246a424a 100644 --- a/rust/shard_client/Cargo.toml +++ b/rust/shard_client/Cargo.toml @@ -2,6 +2,7 @@ name = "shard_client" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [features] strict = [] diff --git a/rust/tableau_summary/Cargo.toml b/rust/tableau_summary/Cargo.toml index cd8f7679..7264dd90 100644 --- a/rust/tableau_summary/Cargo.toml +++ b/rust/tableau_summary/Cargo.toml @@ -2,6 +2,7 @@ name = "tableau_summary" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [dependencies] error_printer = {path = "../error_printer"} diff --git a/rust/utils/Cargo.toml b/rust/utils/Cargo.toml index 9542bd03..10a36ad1 100644 --- a/rust/utils/Cargo.toml +++ b/rust/utils/Cargo.toml @@ -2,6 +2,7 @@ name = "utils" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" [lib] name = "cas" diff --git a/rust/xet_config/Cargo.toml b/rust/xet_config/Cargo.toml index 8bb50b1d..01d62590 100644 --- a/rust/xet_config/Cargo.toml +++ b/rust/xet_config/Cargo.toml @@ -2,6 +2,7 @@ name = "xet_config" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/rust/xetblob/Cargo.toml b/rust/xetblob/Cargo.toml index c293c9eb..80117c8e 100644 --- a/rust/xetblob/Cargo.toml +++ b/rust/xetblob/Cargo.toml @@ -2,6 +2,7 @@ name = "xetblob" version = "0.14.5" edition = "2021" +license = "BSD-3-Clause" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/xetldfs/Cargo.lock b/xetldfs/Cargo.lock index 6263f6a0..b559db61 100644 --- a/xetldfs/Cargo.lock +++ b/xetldfs/Cargo.lock @@ -1398,10 +1398,10 @@ dependencies = [ "serde_with", "shard_client", "shellexpand", + "shellish_parse", "slog", "slog-async", "slog-json", - "snailquote", "sorted-vec", "static_assertions", "sysinfo", @@ -3685,6 +3685,12 @@ dependencies = [ "dirs 2.0.2", ] +[[package]] +name = "shellish_parse" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c29b912ad681a28566f37b936bba1f3580a93b9391c4a0b12cb1c6b4ed79973" + [[package]] name = "signal-hook" version = "0.3.17" @@ -3766,16 +3772,6 @@ version = "1.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" -[[package]] -name = "snailquote" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec62a949bda7f15800481a711909f946e1204f2460f89210eaf7f57730f88f86" -dependencies = [ - "thiserror", - "unicode_categories", -] - [[package]] name = "socket2" version = "0.5.7" @@ -4539,12 +4535,6 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" -[[package]] -name = "unicode_categories" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39ec24b3121d976906ece63c9daad25b85969647682eee313cb5779fdd69e14e" - [[package]] name = "untrusted" version = "0.7.1" diff --git a/xetldfs/Cargo.toml b/xetldfs/Cargo.toml index bcb78024..52edf741 100644 --- a/xetldfs/Cargo.toml +++ b/xetldfs/Cargo.toml @@ -2,6 +2,7 @@ name = "xetldfs" version = "0.14.2" edition = "2021" +license = "BSD-3-Clause" [[bin]] name = "x"