From 3fbe2eea66b4346f2dd859d8edddb1a424bf1fe9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 1 Sep 2024 12:10:39 +0000
Subject: [PATCH 1/3] Bump the gha-deps group with 2 updates

Bumps the gha-deps group with 2 updates: [EmbarkStudios/cargo-deny-action](https://github.com/embarkstudios/cargo-deny-action) and [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels).


Updates `EmbarkStudios/cargo-deny-action` from 1.6.3 to 2.0.1
- [Release notes](https://github.com/embarkstudios/cargo-deny-action/releases)
- [Commits](https://github.com/embarkstudios/cargo-deny-action/compare/3f4a782664881cf5725d0ffd23969fcce89fd868...8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268)

Updates `mheap/github-action-required-labels` from 5.4.1 to 5.4.2
- [Release notes](https://github.com/mheap/github-action-required-labels/releases)
- [Commits](https://github.com/mheap/github-action-required-labels/compare/5847eef68201219cf0a4643ea7be61e77837bbce...d25134c992b943fb6ad00c25ea00eb5988c0a9dd)

---
updated-dependencies:
- dependency-name: EmbarkStudios/cargo-deny-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-deps
- dependency-name: mheap/github-action-required-labels
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/audit.yaml       | 2 +-
 .github/workflows/block-merge.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
index 71c5fd71..7d1dea98 100644
--- a/.github/workflows/audit.yaml
+++ b/.github/workflows/audit.yaml
@@ -66,7 +66,7 @@ jobs:
             cargo generate-lockfile --verbose
           fi
 
-      - uses: EmbarkStudios/cargo-deny-action@3f4a782664881cf5725d0ffd23969fcce89fd868 # v1.6.3
+      - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 # v2.0.1
         with:
           arguments: --locked --all-features
           command: check ${{ matrix.checks }}
diff --git a/.github/workflows/block-merge.yaml b/.github/workflows/block-merge.yaml
index 16b671cf..8de0bf03 100644
--- a/.github/workflows/block-merge.yaml
+++ b/.github/workflows/block-merge.yaml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: mheap/github-action-required-labels@5847eef68201219cf0a4643ea7be61e77837bbce # v5.4.1
+      - uses: mheap/github-action-required-labels@d25134c992b943fb6ad00c25ea00eb5988c0a9dd # v5.4.2
         with:
           mode: exactly
           count: 0

From fe0ca45c1abd2a0a9ca92cdd917af43a1977592d Mon Sep 17 00:00:00 2001
From: Ryan Lopopolo <rjl@hyperbo.la>
Date: Sun, 8 Sep 2024 13:23:58 -0700
Subject: [PATCH 2/3] Update deny.toml to address deprecations removed in
 0.16.0

---
 deny.toml | 23 ++++++-----------------
 1 file changed, 6 insertions(+), 17 deletions(-)

diff --git a/deny.toml b/deny.toml
index ff112ef9..051caa8e 100644
--- a/deny.toml
+++ b/deny.toml
@@ -1,11 +1,7 @@
 [advisories]
-vulnerability = "deny"
-unmaintained = "deny"
-notice = "warn"
 ignore = []
 
 [licenses]
-unlicensed = "deny"
 allow = [
   "Apache-2.0",
   "BSD-3-Clause",
@@ -13,28 +9,21 @@ allow = [
   "MIT",
   "Unicode-DFS-2016",
 ]
-deny = []
-copyleft = "deny"
-allow-osi-fsf-free = "neither"
-default = "deny"
-confidence-threshold = 0.8
 
 [bans]
-multiple-versions = "warn" # multiple versions of syn and windows-sys as ecosystem converges
-wildcards = "deny"
+multiple-versions = "deny"
 highlight = "all"
 allow = []
-deny = [
-  { name = "time", version = ">=0.2.0" },
-]
+deny = []
 skip = []
 skip-tree = []
 
 [sources]
 unknown-registry = "deny"
 unknown-git = "deny"
+allow-registry = [
+  "https://github.com/rust-lang/crates.io-index",
+]
 
 [sources.allow-org]
-github = [
-  "artichoke",
-]
+github = ["artichoke"]

From 857f7e708beaae09f24018e1e50cfc96d6da7e2c Mon Sep 17 00:00:00 2001
From: Ryan Lopopolo <rjl@hyperbo.la>
Date: Sun, 8 Sep 2024 13:26:47 -0700
Subject: [PATCH 3/3] Update deny.toml to mirror artichoke's bans.deny config

---
 deny.toml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/deny.toml b/deny.toml
index 051caa8e..3f318693 100644
--- a/deny.toml
+++ b/deny.toml
@@ -14,7 +14,12 @@ allow = [
 multiple-versions = "deny"
 highlight = "all"
 allow = []
-deny = []
+# This deny configuration should mirror the one in artichoke/artichoke.
+deny = [
+  { name = "time", version = ">=0.2.0" },
+  # See https://github.com/artichoke/artichoke/pull/2564 for more context.
+  { name = "dirs-sys", version = ">= 0.4.1" },
+]
 skip = []
 skip-tree = []