eliott/servo
1
0
Fork 0
mirror of https://github.com/servo/servo synced 2026-04-25 17:15:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
df9877a94c0a0564246a1ed6f3e6ec852c0d0896
servo/deny.toml
Kingsley Yung df9877a94c script: Implement import key operations of ML-DSA (#41628) 
Start adding ML-DSA support to WebCrypto API.

This patch implements the import key operations of ML-DSA, with `ml-dsa`
crate.

Specification:
https://wicg.github.io/webcrypto-modern-algos/#ml-dsa-operations-import-key

Testing:
- Pass some WPT tests that were expected to fail.
- Some new FAIL expectations are added. They were skipped by WPT when
the import key operations of ML-DSA had not been implemented, and
requires other not-yet-implemented operations to pass.

Fixes: Part of #41626

Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
2026-01-02 09:59:00 +00:00

210 lines
5.4 KiB
TOML
Raw Blame History

[graph]
all-features = false
no-default-features = false
#features = []
# The output table provides options for how/if diagnostics are outputted
[output]
feature-depth = 1
# This section is considered when running `cargo deny check advisories`
# More documentation for the advisories section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
[advisories]
ignore = [
# The crate `paste` is no longer maintained.
"RUSTSEC-2024-0436",
# The crate `unic-char-range` is unmaintained.
"RUSTSEC-2025-0075",
# The crate `unic-common` is unmaintained.
"RUSTSEC-2025-0080",
# The crate `unic-char-property` is unmaintained.
"RUSTSEC-2025-0081",
# The crate `unic-ucd-version` is unmaintained.
"RUSTSEC-2025-0098",
# The crate `unic-ucd-ident` is unmaintained.
"RUSTSEC-2025-0100",
# The crate `rsa` is vulnerable to Marvin Attack that leaks
# cryptographic secret via side channel. Wait for a patch in stable
# release version from upstream.
"RUSTSEC-2023-0071",
]
# This section is considered when running `cargo deny check licenses`
# More documentation for the licenses section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
[licenses]
# List of explicitly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
allow = [
"Apache-2.0 WITH LLVM-exception",
"Apache-2.0",
"BSD-2-Clause",
"BSD-3-Clause",
"BSL-1.0",
"CC0-1.0",
"CDLA-Permissive-2.0",
"ISC",
"MIT",
"MPL-2.0",
"OpenSSL",
"OFL-1.1",
"Ubuntu-font-1.0",
"Unicode-3.0",
"Zlib",
]
# The confidence threshold for detecting a license from license text.
# The higher the value, the more closely the license text must be to the
# canonical license text of a valid SPDX license file.
# [possible values: any between 0.0 and 1.0].
confidence-threshold = 0.8
# Allow 1 or more licenses on a per-crate basis, so that particular licenses
# aren't accepted for every possible crate as with the normal allow list
exceptions = [
# rav1e depends on libfuzzer-sys when cfg(fuzzing) is true, which it isn't for servo builds.
# cargo-deny is being run with --all-features, so we need to explicitly make an exception here.
{ allow = ["NCSA"], crate = "libfuzzer-sys" },
]
# This section is considered when running `cargo deny check bans`.
# More documentation about the 'bans' section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
[bans]
external-default-features = "allow"
highlight = "all"
multiple-versions = "deny"
wildcards = "allow"
workspace-default-features = "allow"
# List of crates that are allowed. Use with care!
allow = []
# List of crates to deny:
deny = [
"num",
]
# List of crates to skip for the duplicate check:
skip = [
"bitflags",
"cookie",
"futures",
"redox_syscall",
# New versions of these dependencies is pulled in by GStreamer / GLib.
"itertools",
# Duplicated by egui
"windows-strings",
# Duplicated by egui-file-dialog
"windows",
"windows-implement",
"windows-interface",
"windows-link",
"windows-result",
# Duplicated by winit.
"windows-sys",
"windows-targets",
"windows_aarch64_gnullvm",
"windows_aarch64_msvc",
"windows_i686_gnu",
"windows_i686_msvc",
"windows_x86_64_gnu",
"windows_x86_64_gnullvm",
"windows_x86_64_msvc",
# Duplicated by zbus.
"windows_i686_gnullvm",
# wgpu has the latest and greatest.
"windows-core",
# rust-content-security-policy uses newest base64.
"base64",
# Duplicated by gilrs.
"core-foundation",
"mach2",
# wgpu crates still depend on 1.1.0
"rustc-hash",
# wgpu depends on thiserror 2, while rest is still on 1
"thiserror",
"thiserror-impl",
# duplicated by webdriver
"h2",
"headers",
"headers-core",
"http",
"http-body",
"hyper",
"socket2",
# duplicated by winit
"objc2-app-kit",
"objc2-foundation",
"objc2",
# duplicated by tungstenite
"getrandom",
"rand",
"rand_chacha",
"rand_core",
# duplicated by blurz/blurmock
"hex",
# duplciated by rustix
"linux-raw-sys",
# duplicated by async-io
"rustix",
# duplicated by zbus-xml
"quick-xml",
# duplicated by sea-query
"heck",
# duplicated by bindgen as build dependency
# Remove when cexpr updates its nom version
# and bindgen updates the cexpr version
"nom",
# duplicated by image 0.25
"cfg-expr",
"system-deps",
"target-lexicon",
# duplicated by core-graphics
"core-graphics-types",
# duplicated by winresource and proc-macro-crate. Once everything
# switches to the latest version of toml we can remove this. It's
# really just a build dep, so not a large problem.
"toml_datetime",
"toml_edit",
# usvg depends on svgtypes, which depends on old version of kurbo
"kurbo",
# Dependency by quick_cache and other
"hashbrown",
# Duplicated by ml-kem 0.2.1 and ml-dsa 0.0.4. They use different
# version of hybrid-array. Once ml-kem releases the next version
# 0.3.0 and ml-dsa releases the next version 0.1.0, we can remove
# this.
"hybrid-array",
]
# github.com organizations to allow git sources for
[sources.allow-org]
github = ["servo"]
Reference in New Issue View Git Blame Copy Permalink