v1.2.16 - cargo-deny 0.11.4

Added

• PR#49 added the command-arguments option to the action. Thanks @ryo33!

v1.2.15 - cargo-deny 0.11.3

Fixed

• Accidentally change how arguments were forwarded to cargo-deny which broken more complicated invocations

v1.2.14 - cargo-deny 0.11.3

Added

• Added git to the image, resolving #40

v1.2.13 - cargo-deny 0.11.3

Changed

• Added the rust-version github actions variable, allowing you to specify a specific cargo version to use when running cargo-deny, including nightly, or other unstable versions.

v1.2.12 - cargo-deny 0.11.3

Fixed

• PR#407 resolved #406 by always checking license exceptions first.

v1.2.10 - cargo-deny 0.11.1

Added

• PR#391 resolved #344 by adding [licenses.ignore-sources] to ignore license checking for crates sourced from 1 or more specified registries. Thanks @ShellWowza!
• PR#396 resolved #366 by also looking for .deny.toml in addition to deny.toml if a config file is not specified.

Changed

• PR#392 updated all dependencies.

Fixed

• PR#393 resolved #371 by changing the default for version requirements specified in config files to accept all versions, rather than using the almost-but-not-quite default of *.
• PR#394 resolved #147 by ignore all private crates, not only the ones in the workspace.
• PR#395 resolved #375 by fixing a potential infinite loop when using [bans.skip-tree].

v1.2.9 - cargo-deny 0.11.0

Fixed image to use proper tag.

v1.2.8 - cargo-deny 0.11.0

Updated the cargo version in the image to 1.57.0 to allow for the use of custom profiles.

v1.2.6 - cargo-deny 0.11.0

[0.11.0] - 2021-12-06

Changed

• PR#382 updated dependencies and bumped the Minimum Stable Rust Version to 1.56.1.

[0.10.3] - 2021-11-22

Changed

• PR#379 updated askalono which got rid of the failure dependency, which was pulling in a lot of additional crates that are now gone.

Fixed

• PR#379 fixed #378 which was an edge case where the sources check was executed against a crate that didn't use any crates from crates.io, and the config file was shorter than the crates.io URL.

[0.10.2] - 2021-11-21

Fixed

• PR#376 fixed the JSON formatting when using --format json output option. Thanks @dnaka91!

Changed

• PR#377 updated dependencies.

[0.10.1] - 2021-11-10

Fixed

• PR#347 resolved #372 by correcting a slight mistake that resulted in an incorrect hash making cargo-deny unable to lookup index or crate information from the local file system.

[0.10.0] - 2021-10-29

Added

• PR#353 resolved #351 by adding the sources.private field to blanket allow git repositories sourced from a particular url.
• PR#359 resolved #341 and #357 by adding support for the --frozen, --locked, and --offline flags to determine whether network access is allowed, and whether the Cargo.lock file can be created and/or modified.
• PR#368 added the licenses.unused-allowed-license field to control whether the L006 - license was not encountered diagnostic. Thanks @thomcc!

Changed

• PR#358 bumped the Minimum Stable Rust Version to 1.53.0.
• PR#358 bumped various dependencies, notably semver to 1.0.3.

[0.9.1] - 2021-03-26

Changed

• Updated dependencies

Release 1.2.6 - cargo-deny 0.9.1

Changed

• Updated dependencies