[advisories]
db-path = "~/.cargo/advisory-db"
db-urls = ["https://github.com/rustsec/advisory-db"]

vulnerability = "deny"
yanked = "deny"
notice = "warn"
unmaintained = "warn"

ignore = [
  "RUSTSEC-2020-0071", # https://github.com/chronotope/chrono/issues/602
]

[licenses]
unlicensed = "deny"

allow = [
  # Effective public domain
  "CC0-1.0",
  "Unlicense",

  # Attribution required
  "MIT",
  "BSD-2-Clause",
  "BSD-3-Clause",
  "ISC",
  "Unicode-DFS-2016",
  "OpenSSL",

  # Non-invasive copyleft
  "MPL-2.0",
  "Apache-2.0",
  "Apache-2.0 WITH LLVM-exception",
  "GPL-3.0 WITH Classpath-exception-2.0",
]

copyleft = "deny"
allow-osi-fsf-free = "neither"
default = "deny"

exceptions = [
  { allow = ["AGPL-3.0"], name = "ethereum-serai" },
  { allow = ["AGPL-3.0"], name = "serai-processor" },

  { allow = ["AGPL-3.0"], name = "serai-extension" },
  { allow = ["AGPL-3.0"], name = "serai-multisig" },

  { allow = ["AGPL-3.0"], name = "serai-runtime" },
  { allow = ["AGPL-3.0"], name = "serai-consensus" },
  { allow = ["AGPL-3.0"], name = "serai-node" },
]

[[licenses.clarify]]
name = "ring"
version = "*"
expression = "MIT AND ISC AND OpenSSL"
license-files = [
  { path = "LICENSE", hash = 0xbd0eed23 }
]

[bans]
multiple-versions = "warn"
wildcards = "warn"
highlight = "all"

[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
allow-git = [
  "https://github.com/serai-dex/substrate",
  "https://github.com/hack-ink/array-bytes"
]