From 0b428f7c41679876a455505c1ed2dfb4d7dc03c0 Mon Sep 17 00:00:00 2001 From: Vadim Kharitonov Date: Fri, 30 Dec 2022 11:11:28 +0100 Subject: [PATCH] Enable licenses check for 3rd-parties --- .github/workflows/build_and_test.yml | 6 ++ compute_tools/Cargo.toml | 1 + control_plane/Cargo.toml | 1 + deny.toml | 90 ++++++++++++++++++++++++++ libs/metrics/Cargo.toml | 1 + libs/pageserver_api/Cargo.toml | 1 + libs/postgres_connection/Cargo.toml | 1 + libs/postgres_ffi/Cargo.toml | 1 + libs/postgres_ffi/wal_craft/Cargo.toml | 2 +- libs/pq_proto/Cargo.toml | 1 + libs/remote_storage/Cargo.toml | 1 + libs/safekeeper_api/Cargo.toml | 1 + libs/tenant_size_model/Cargo.toml | 1 + libs/utils/Cargo.toml | 1 + pageserver/Cargo.toml | 1 + proxy/Cargo.toml | 1 + safekeeper/Cargo.toml | 1 + storage_broker/Cargo.toml | 1 + 18 files changed, 112 insertions(+), 1 deletion(-) create mode 100644 deny.toml diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 17c698482c..9021ac48d9 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -111,6 +111,7 @@ jobs: # Some of our rust modules use FFI and need those to be checked - name: Get postgres headers run: make postgres-headers -j$(nproc) + - name: Run cargo clippy run: ./run_clippy.sh @@ -126,6 +127,11 @@ jobs: cargo hakari generate --diff # workspace-hack Cargo.toml is up-to-date cargo hakari manage-deps --dry-run # all workspace crates depend on workspace-hack + # https://github.com/EmbarkStudios/cargo-deny + - name: Check rust licenses/bans/advisories/sources + if: ${{ !cancelled() }} + run: cargo deny check + build-neon: runs-on: [ self-hosted, dev, x64 ] container: diff --git a/compute_tools/Cargo.toml b/compute_tools/Cargo.toml index c40d870649..4c65649610 100644 --- a/compute_tools/Cargo.toml +++ b/compute_tools/Cargo.toml @@ -2,6 +2,7 @@ name = "compute_tools" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] anyhow = "1.0" 
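Review bot: The added step runs all four checks in one `cargo deny check`, so the advisories check is evaluated only when this workflow happens to run, against whatever the advisory database holds at that moment. An advisory published for a dependency that is already merged is then noticed only on the next push or pull request, where it fails an unrelated change. If the workflow has no scheduled trigger (the `on:` block is outside the hunk), splitting the step into `run: cargo deny check bans licenses sources` and `run: cargo deny check advisories` would let the second also run from a scheduled job. The hunk does not show where cargo-deny is installed, presumably in the CI container image; pinning its version there keeps the result tied to the commit rather than to the image build date. The job this step belongs to starts outside the hunk.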
diff --git a/control_plane/Cargo.toml b/control_plane/Cargo.toml index 180508a01a..1c6cd6d882 100644 --- a/control_plane/Cargo.toml +++ b/control_plane/Cargo.toml @@ -2,6 +2,7 @@ name = "control_plane" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] anyhow = "1.0" diff --git a/deny.toml b/deny.toml new file mode 100644 index 0000000000..3a0fe36f87 --- /dev/null +++ b/deny.toml 
@@ -0,0 +1,90 @@
+# This file was auto-generated using `cargo deny init`.
+# cargo-deny is a cargo plugin that lets you lint your project's
+# dependency graph to ensure all your dependencies conform
+# to your expectations and requirements.
+
+# Root options
+targets = []
+all-features = false
+no-default-features = false
+feature-depth = 1
+
+# This section is considered when running `cargo deny check advisories`
+# More documentation for the advisories section can be found here:
+# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
+[advisories]
+db-urls = ["https://github.com/rustsec/advisory-db"]
+vulnerability = "deny"
+unmaintained = "warn"
+yanked = "warn"
+notice = "warn"
+ignore = []
+
+# This section is considered when running `cargo deny check licenses`
+# More documentation for the licenses section can be found here:
+# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
+[licenses]
+unlicensed = "deny"
+allow = [
+ "Apache-2.0",
+ "Artistic-2.0",
+ "BSD-2-Clause",
+ "BSD-3-Clause",
+ "ISC",
+ "MIT",
+ "MPL-2.0",
+ "OpenSSL",
+ "Unicode-DFS-2016",
+]
+deny = []
+copyleft = "warn"
+allow-osi-fsf-free = "neither"
+default = "deny"
+confidence-threshold = 0.8
+exceptions = [
+ # Zlib license has some restrictions if we decide to change sth
+ { allow = ["Zlib"], name = "const_format_proc_macros", version = "*" },
+ { allow = ["Zlib"], name = "const_format", version = "*" },
+]
+
+[[licenses.clarify]]
+name = "ring"
+version = "*"
+expression = "MIT AND ISC AND OpenSSL"
+license-files = [
+ { path = "LICENSE", hash = 0xbd0eed23 },
+]
+
+[licenses.private]
+ignore = true
+registries = []
+
+# This section is considered when running `cargo deny check bans`.
+# More documentation about the 'bans' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html +[bans] +multiple-versions = "warn" +wildcards = "allow" +highlight = "all" +workspace-default-features = "allow" +external-default-features = "allow" +allow = [] +deny = [] +skip = [] +skip-tree = [] + +# This section is considered when running `cargo deny check sources`. +# More documentation about the 'sources' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html +[sources] +unknown-registry = "warn" +unknown-git = "warn" +allow-registry = ["https://github.com/rust-lang/crates.io-index"] +allow-git = [] + +[sources.allow-org] +github = [ + "neondatabase", +] +gitlab = [] +bitbucket = [] diff --git a/libs/metrics/Cargo.toml b/libs/metrics/Cargo.toml index d0cd46d2a9..d155f1e07d 100644 --- a/libs/metrics/Cargo.toml +++ b/libs/metrics/Cargo.toml @@ -2,6 +2,7 @@ name = "metrics" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] prometheus = {version = "0.13", default_features=false, features = ["process"]} # removes protobuf dependency diff --git a/libs/pageserver_api/Cargo.toml b/libs/pageserver_api/Cargo.toml index 2102ae5373..68d4c609f0 100644 --- a/libs/pageserver_api/Cargo.toml +++ b/libs/pageserver_api/Cargo.toml @@ -2,6 +2,7 @@ name = "pageserver_api" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] serde = { version = "1.0", features = ["derive"] } diff --git a/libs/postgres_connection/Cargo.toml b/libs/postgres_connection/Cargo.toml index 1924b260fa..12b7abcc93 100644 --- a/libs/postgres_connection/Cargo.toml +++ b/libs/postgres_connection/Cargo.toml @@ -2,6 +2,7 @@ name = "postgres_connection" version = "0.1.0" edition = "2021" +license = "Apache-2.0" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html 
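Review bot: In the `[sources]` table of the new deny.toml, `unknown-registry = "warn"` and `unknown-git = "warn"` make the `sources` check print a warning only, so a crate pulled from a registry or git repository outside `allow-registry`, `allow-git` and `[sources.allow-org]` would not fail the CI step this commit adds. Since the allow lists are already filled in for crates.io and the `neondatabase` organisation, I would set `unknown-registry = "deny"` and `unknown-git = "deny"` and list any further git source the workspace needs in `allow-git` explicitly. The same reasoning applies to `yanked = "warn"` under `[advisories]`, which lets a yanked version stay in the lockfile unless someone reads the job log. A short comment above `[sources]` saying why each allowed source is trusted would help later reviewers.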
diff --git a/libs/postgres_ffi/Cargo.toml b/libs/postgres_ffi/Cargo.toml index 59eec3de32..aa076b08d3 100644 --- a/libs/postgres_ffi/Cargo.toml +++ b/libs/postgres_ffi/Cargo.toml @@ -2,6 +2,7 @@ name = "postgres_ffi" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] rand = "0.8.3" diff --git a/libs/postgres_ffi/wal_craft/Cargo.toml b/libs/postgres_ffi/wal_craft/Cargo.toml index dd9f82a87a..abfc263550 100644 --- a/libs/postgres_ffi/wal_craft/Cargo.toml +++ b/libs/postgres_ffi/wal_craft/Cargo.toml @@ -2,7 +2,7 @@ name = "wal_craft" version = "0.1.0" edition = "2021" - +license = "Apache-2.0" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] diff --git a/libs/pq_proto/Cargo.toml b/libs/pq_proto/Cargo.toml index 76d8fbf28d..daa0b593be 100644 --- a/libs/pq_proto/Cargo.toml +++ b/libs/pq_proto/Cargo.toml @@ -2,6 +2,7 @@ name = "pq_proto" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] anyhow = "1.0" diff --git a/libs/remote_storage/Cargo.toml b/libs/remote_storage/Cargo.toml index ebd30fc1eb..5a39f27209 100644 --- a/libs/remote_storage/Cargo.toml +++ b/libs/remote_storage/Cargo.toml @@ -2,6 +2,7 @@ name = "remote_storage" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] anyhow = { version = "1.0", features = ["backtrace"] } diff --git a/libs/safekeeper_api/Cargo.toml b/libs/safekeeper_api/Cargo.toml index 15bdecd71d..32cda78be4 100644 --- a/libs/safekeeper_api/Cargo.toml +++ b/libs/safekeeper_api/Cargo.toml @@ -2,6 +2,7 @@ name = "safekeeper_api" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] serde = { version = "1.0", features = ["derive"] } diff --git a/libs/tenant_size_model/Cargo.toml b/libs/tenant_size_model/Cargo.toml index 1aabf5a4f9..3a1a0f7915 100644 --- a/libs/tenant_size_model/Cargo.toml +++ b/libs/tenant_size_model/Cargo.toml 
@@ -3,6 +3,7 @@ name = "tenant_size_model" version = "0.1.0" edition = "2021" publish = false +license = "Apache-2.0" [dependencies] workspace_hack = { version = "0.1", path = "../../workspace_hack" } diff --git a/libs/utils/Cargo.toml b/libs/utils/Cargo.toml index 670270b63e..9c7fcafe23 100644 --- a/libs/utils/Cargo.toml +++ b/libs/utils/Cargo.toml @@ -2,6 +2,7 @@ name = "utils" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] sentry = { version = "0.29.0", default-features = false, features = ["backtrace", "contexts", "panic", "rustls", "reqwest" ] } diff --git a/pageserver/Cargo.toml b/pageserver/Cargo.toml index c0f3c76c4e..8f112fa670 100644 --- a/pageserver/Cargo.toml +++ b/pageserver/Cargo.toml @@ -2,6 +2,7 @@ name = "pageserver" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [features] default = [] diff --git a/proxy/Cargo.toml b/proxy/Cargo.toml index e630b2758d..0bf47c7b88 100644 --- a/proxy/Cargo.toml +++ b/proxy/Cargo.toml @@ -2,6 +2,7 @@ name = "proxy" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] anyhow = "1.0" diff --git a/safekeeper/Cargo.toml b/safekeeper/Cargo.toml index fbcb3f34f7..d0c804fe4e 100644 --- a/safekeeper/Cargo.toml +++ b/safekeeper/Cargo.toml @@ -2,6 +2,7 @@ name = "safekeeper" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [dependencies] async-stream = "0.3" diff --git a/storage_broker/Cargo.toml b/storage_broker/Cargo.toml index 7aa33a5234..180c506254 100644 --- a/storage_broker/Cargo.toml +++ b/storage_broker/Cargo.toml @@ -2,6 +2,7 @@ name = "storage_broker" version = "0.1.0" edition = "2021" +license = "Apache-2.0" [features] bench = []