[licenses]
unlicensed = "deny"

# Deny licenses unless they are specifically listed here
copyleft = "deny"
allow-osi-fsf-free = "neither"
default = "deny"

# We want really high confidence when inferring licenses from text
confidence-threshold = 0.93

allow = [
    "Apache-2.0",
    "BSD-3-Clause",
    "BSL-1.0",
    "ISC",
    "MIT",
    "OpenSSL",
    "Unlicense",
    "Zlib",
]

exceptions = [
    { name = "webpki-roots", allow = ["MPL-2.0"], version = "*" },
    { name = "unicode-ident", allow = ["MIT", "Apache-2.0", "Unicode-DFS-2016"] },
]

[[licenses.clarify]]
name = "ring"
expression = "MIT AND ISC AND OpenSSL"
license-files = [
    { path = "LICENSE", hash = 0xbd0eed23 },
]

[[licenses.clarify]]
name = "webpki"
expression = "ISC"
license-files = [
    { path = "LICENSE", hash = 0x001c7e6c },
]

[bans]
# Deny multiple versions or wildcard dependencies.
multiple-versions = "deny"
wildcards = "deny"
skip = [
    # older version used by reqwest 0.11.13
    { name = "base64", version = "0.13.1" },
]

[sources]
# Deny crates from unknown registries or git repositories.
unknown-registry = "deny"
unknown-git = "deny"