Skip to content

Commit de24395

Browse files
Jake-ShadleJake-Shadle
authored
Improve license check output (#786)
Also updates spdx, which changes how GNU licenses are matched in expressions, resolving: #784
1 parent aa8306b commit de24395

39 files changed

+1681
-1315
lines changed

.github/workflows/ci.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ jobs:
4848
- uses: actions/checkout@v4
4949
- uses: dtolnay/rust-toolchain@master
5050
with:
51-
toolchain: 1.85.0
51+
toolchain: 1.88.0
5252
components: "clippy"
5353
- run: cargo fetch
5454
- name: cargo clippy

.mergify.yml

Lines changed: 0 additions & 16 deletions
This file was deleted.

CHANGELOG.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
88

99
<!-- next-header -->
1010
## [Unreleased] - ReleaseDate
11+
### Added
12+
- [PR#779](https://github.com/EmbarkStudios/cargo-deny/pull/779) added the `--metadata-path` argument to use a cargo metadata JSON file instead of calling cargo metadata, resolving [#777](https://github.com/EmbarkStudios/cargo-deny/issues/777).
13+
- [PR#782](https://github.com/EmbarkStudios/cargo-deny/pull/782) added `sources.unused-allow-source` to allow configuration of the lint level when a source is allowed but not used by any crate in the graph, closing [#781](https://github.com/EmbarkStudios/cargo-deny/issues/781).
14+
15+
### Changed
16+
- [PR#786](https://github.com/EmbarkStudios/cargo-deny/pull/786) changed the license check output. `/` is no longer corrected to ` OR `, and if the license expression is found in the package's manifest, that span is used in diagnostic messages instead of the synthesized manifest.
17+
18+
### Fixed
19+
- [PR#786](https://github.com/EmbarkStudios/cargo-deny/pull/786) resolved [#784](https://github.com/EmbarkStudios/cargo-deny/issues/784) by updating `spdx` to a new version that forces all GNU licenses to be exactly equal when comparing license expressions to licensee expressions, which is incredibly pedantic, but means the license comparison is entirely in the hands of the user so that I no longer have to deal with GNU licenses.
20+
1121
## [0.18.3] - 2025-06-11
1222
### Changed
1323
- [PR#773](https://github.com/EmbarkStudios/cargo-deny/pull/773) changed cargo-deny's duplicate detection to automatically ignore versions whose only dependent is another version of the same crate.

0 commit comments

Comments
 (0)