Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: 9a78ea94eb
Branches Tags
ydb
/
build
/
rules
/
contrib_restricted.policy

contrib_restricted.policy 9.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210 
  1. # == Rules for contrib/restricted section ==
    2. 

  2. #
    3. 

  3. # NOTE: rules should be ordered from specific to generic (first matching rule is used)
    4. 

  4. # See rule syntax docs: https://wiki.yandex-team.ru/devrules/overall/peerdirprohibition/
    5. 

  5. 

  6. # taxi/tools/dorblu is legacy tool, only hotfixes are made
    7. 

  7. ALLOW taxi/tools/dorblu/lib -> contrib/restricted/boost/libs
    8. 

  8. 

  9. # scale_ipp filter for ffmpeg use Intel IPP hence it is nonfree
    10. 

  10. ALLOW strm/cv/ffmpeg_adcv/toshik_filters -> contrib/restricted/ffmpeg-3-scale-ipp
    11. 

  11. 

  12. # libzvbi is GPL
    13. 

  13. ALLOW strm/cv/ffmpeg_adcv/libavcodec -> contrib/restricted/libzvbi
    14. 

  14. 

  15. # CityHash-1.0.2 is a specific version hardwired into ClickHouse public interface
    16. 

  16. ALLOW clickhouse -> contrib/restricted/cityhash-1.0.2
    17. 

  17. ALLOW library/cpp/clickhouse -> contrib/restricted/cityhash-1.0.2
    18. 

  18. ALLOW saas/library/hash_to_block_mode -> contrib/restricted/cityhash-1.0.2
    19. 

  19. 

  20. # dragonbox is a specific library for float formatting
    21. 

  21. ALLOW clickhouse -> contrib/restricted/dragonbox
    22. 

  22. 

  23. # same rules for restricted set of sources in YQL
    24. 

  24. ALLOW ydb/library/yql/udfs/common/clickhouse/client -> contrib/restricted/cityhash-1.0.2
    25. 

  25. ALLOW ydb/library/yql/udfs/common/clickhouse/client -> contrib/restricted/boost
    26. 

  26. ALLOW ydb/library/yql/udfs/common/clickhouse/client -> contrib/restricted/dragonbox
    27. 

  27. ALLOW ydb/library/yql/udfs/common/clickhouse/client -> contrib/restricted/fast_float
    28. 

  28. 

  29. # fast_float is a faster alternative to double-conversion for float parsing.
    30. 

  30. # ClickHouse uses the best libraries for performance, that's why it changes them with insane speed.
    31. 

  31. # Arcadia is not ready for this, that's why we added this library in restricted.
    32. 

  32. ALLOW clickhouse -> contrib/restricted/fast_float
    33. 

  33. 

  34. # ClickHouse uses hash-table from abseil-cpp for better performance in CacheDictionaries and SSDCacheDictionaries,
    35. 

  35. # because it the best best open source hash table framework (swiss hash tables, hash functions)
    36. 

  36. ALLOW clickhouse -> contrib/restricted/abseil-cpp
    37. 

  37. 

  38. # TurboBase64 is a fast vectorized library for encoding/decoding base64.
    39. 

  39. ALLOW clickhouse -> contrib/restricted/turbo_base64
    40. 

  40. 

  41. # For HBase client: CONTRIB-1790
    42. 

  42. ALLOW passport/infra -> contrib/restricted/thrift
    43. 

  43. 

  44. # keyutils is LGPL: CONTRIB-2236
    45. 

  45. ALLOW passport/infra -> contrib/restricted/keyutils
    46. 

  46. 

  47. # For Apache Arrow: CONTRIB-1662
    48. 

  48. ALLOW mds -> contrib/restricted/uriparser
    49. 

  49. 

  50. # For patched imagemagick CONTRIB-1902
    51. 

  51. ALLOW mds -> contrib/restricted/ImageMagickMDS
    52. 

  52. 

  53. # https://st.yandex-team.ru/CONTRIB-2020
    54. 

  54. ALLOW weather -> contrib/restricted/range-v3
    55. 

  55. 

  56. # https://st.yandex-team.ru/CONTRIB-2492
    57. 

  57. ALLOW weather -> contrib/restricted/aviso-fes
    58. 

  58. 

  59. # ALSA library is LGPL
    60. 

  60. ALLOW yandex_io -> contrib/restricted/alsa-lib
    61. 

  61. ALLOW smart_devices -> contrib/restricted/alsa-lib
    62. 

  62. 

  63. # Avahi is LGPL
    64. 

  64. ALLOW yandex_io -> contrib/restricted/avahi
    65. 

  65. 

  66. # GLib is LGPL
    67. 

  67. ALLOW maps/libs/img -> contrib/restricted/glib
    68. 

  68. ALLOW maps/renderer/libs/svgrenderer -> contrib/restricted/glib
    69. 

  69. ALLOW market/cataloger -> contrib/restricted/glib
    70. 

  70. ALLOW market/idx/feeds/feedparser -> contrib/restricted/glib
    71. 

  71. ALLOW metrika/core/libs/statdaemons -> contrib/restricted/glib
    72. 

  72. ALLOW metrika/core/libs/strconvert -> contrib/restricted/glib
    73. 

  73. ALLOW yandex_io -> contrib/restricted/glib
    74. 

  74. 

  75. # GStreamer is LGPL
    76. 

  76. ALLOW sdg/infra/rtsp_probe -> contrib/restricted/gstreamer
    77. 

  77. ALLOW sdg/infra/rtsp_probe -> contrib/restricted/gst-plugins-base
    78. 

  78. ALLOW sdg/infra/rtsp_probe -> contrib/restricted/gst-plugins-good
    79. 

  79. ALLOW sdg/infra/rtsp_probe -> contrib/restricted/gst-plugins-ugly
    80. 

  80. ALLOW sdg/infra/rtsp_probe -> contrib/restricted/gst-rtsp-server
    81. 

  81. ALLOW yandex_io -> contrib/restricted/gstreamer
    82. 

  82. ALLOW yandex_io -> contrib/restricted/gst-plugins-base
    83. 

  83. ALLOW yandex_io -> contrib/restricted/gst-plugins-good
    84. 

  84. ALLOW yandex_io -> contrib/restricted/gst-plugins-bad
    85. 

  85. ALLOW yandex_io -> contrib/restricted/patched/gst-libav
    86. 

  86. 

  87. # mpg123 is LGPL
    88. 

  88. ALLOW extsearch/audio/kernel/recoglib -> contrib/restricted/mpg123
    89. 

  89. 

  90. # OpenAL Soft is LGPL
    91. 

  91. ALLOW yandex_io -> contrib/restricted/openal-soft
    92. 

  92. ALLOW speechkit -> contrib/restricted/openal-soft
    93. 

  93. 

  94. # rubberband is a GPL audio stretching library
    95. 

  95. ALLOW dict/mt/video -> contrib/restricted/rubberband
    96. 

  96. 

  97. # Allowed subset of abseil is exported via library/
    98. 

  98. ALLOW library/cpp/containers/absl_flat_hash -> contrib/restricted/abseil-cpp/absl/container
    99. 

  99. ALLOW library/cpp/containers/absl_tstring_flat_hash -> contrib/restricted/abseil-cpp-tstring/y_absl/container
    100. 

  100. 

  101. # spdlog is just yet another best logging engine
    102. 

  102. # The best logging engine, however, is to be designed in CPPCOM-20
    103. 

  103. ALLOW quasar/backend/src/base -> contrib/restricted/spdlog
    104. 

  104. ALLOW crypta/lib/native/log -> contrib/restricted/spdlog
    105. 

  105. ALLOW yandex_io -> contrib/restricted/spdlog
    106. 

  106. ALLOW smart_devices/tools/launcher2 -> contrib/restricted/spdlog
    107. 

  107. ALLOW smart_devices/tools/updater -> contrib/restricted/spdlog
    108. 

  108. 

  109. # cmph is a limited-use library
    110. 

  110. ALLOW ads/yacontext -> contrib/restricted/cmph
    111. 

  111. 

  112. # http-parser is a low-level parser for http bytestream.
    113. 

  113. # Consider using high-level alternatives.
    114. 

  114. ALLOW mds -> contrib/restricted/http-parser
    115. 

  115. ALLOW taxi/uservices -> contrib/restricted/http-parser
    116. 

  116. ALLOW yt/yt/core/http -> contrib/restricted/http-parser
    117. 

  117. ALLOW yweb/robot/fetcher/fetcher/user/http -> contrib/restricted/http-parser
    118. 

  118. 

  119. # Prefer using skynet for data distribution
    120. 

  120. ALLOW maps/infra/ecstatic -> contrib/restricted/libtorrent
    121. 

  121. 

  122. # Consider using util / library/cpp/digest versions instead of a raw murmurhash functions.
    123. 

  123. #
    124. 

  124. # strm/common/go/pkg/murmur3 is a CGO binding to murmurhash, thus dependency is allowed
    125. 

  125. ALLOW strm/common/go/pkg/murmur3 -> contrib/restricted/murmurhash
    126. 

  126. ALLOW clickhouse -> contrib/restricted/murmurhash
    127. 

  127. 

  128. # exiv2 is GPL-licensed. Only small subset of our libraries can use it.
    129. 

  129. ALLOW extsearch/images/chunks/exiftags -> contrib/restricted/exiv2
    130. 

  130. ALLOW maps/wikimap/mapspro/services/mrc/libs/common -> contrib/restricted/exiv2
    131. 

  131. ALLOW yweb/disk/ocraas -> contrib/restricted/exiv2
    132. 

  132. 

  133. # Only allow boost in yandex projects listed below
    134. 

  134. ALLOW adfox -> contrib/restricted/boost
    135. 

  135. ALLOW ads -> contrib/restricted/boost
    136. 

  136. ALLOW advq -> contrib/restricted/boost
    137. 

  137. ALLOW alice/nlu -> contrib/restricted/boost
    138. 

  138. ALLOW alice/vins_contrib/crfsuitex -> contrib/restricted/boost
    139. 

  139. ALLOW clickhouse -> contrib/restricted/boost
    140. 

  140. ALLOW devtools -> contrib/restricted/boost
    141. 

  141. ALLOW extsearch/geo/poi_service/tools/storage_reader -> contrib/restricted/boost
    142. 

  142. ALLOW infra/contrib/pdns -> contrib/restricted/boost
    143. 

  143. ALLOW juggler/pongerd -> contrib/restricted/boost
    144. 

  144. ALLOW lbs/locator -> contrib/restricted/boost
    145. 

  145. ALLOW library/cpp/testing/boost_test$ -> contrib/restricted/boost/libs/test
    146. 

  146. ALLOW library/cpp/testing/boost_test_main$ -> contrib/restricted/boost/libs/test
    147. 

  147. ALLOW library/cpp/testing/gtest_boost_extensions -> contrib/restricted/boost
    148. 

  148. ALLOW logbroker/pipe-parser -> contrib/restricted/boost
    149. 

  149. ALLOW mail -> contrib/restricted/boost
    150. 

  150. ALLOW maps -> contrib/restricted/boost
    151. 

  151. ALLOW market/idx/feeds/feedparser -> contrib/restricted/boost
    152. 

  152. ALLOW market/idx/stats/src -> contrib/restricted/boost
    153. 

  153. ALLOW mds -> contrib/restricted/boost
    154. 

  154. ALLOW metrika -> contrib/restricted/boost
    155. 

  155. ALLOW netsys/tiles-vcdiff/gen-tiles -> contrib/restricted/boost
    156. 

  156. ALLOW orgvisits/dwellplaces -> contrib/restricted/boost
    157. 

  157. ALLOW orgvisits/heuristics -> contrib/restricted/boost
    158. 

  158. ALLOW orgvisits/library/soc -> contrib/restricted/boost
    159. 

  159. ALLOW quasar/backend -> contrib/restricted/boost
    160. 

  160. ALLOW regulargeo/research -> contrib/restricted/boost
    161. 

  161. ALLOW rem/python/geobase30 -> contrib/restricted/boost
    162. 

  162. ALLOW drive/contrib/cpp/telemetry -> contrib/restricted/boost
    163. 

  163. ALLOW smart_devices -> contrib/restricted/boost
    164. 

  164. ALLOW statbox/libstatbox -> contrib/restricted/boost
    165. 

  165. ALLOW taxi/uservices -> contrib/restricted/boost
    166. 

  166. ALLOW tools/idl -> contrib/restricted/boost
    167. 

  167. ALLOW voicetech/tools -> contrib/restricted/boost
    168. 

  168. ALLOW weather/archive/grid_api/lib -> contrib/restricted/boost
    169. 

  169. ALLOW yabs/telephony -> contrib/restricted/boost
    170. 

  170. ALLOW yandex_io -> contrib/restricted/boost
    171. 

  171. ALLOW yweb/robot/js -> contrib/restricted/boost
    172. 

  172. ALLOW market/access/server/env -> contrib/restricted/boost
    173. 

  173. ALLOW sdg/sdc -> contrib/restricted/boost
    174. 

  174. ALLOW search/meta/scatter/ant -> contrib/restricted/boost
    175. 

  175. ALLOW search/meta/scatter/ut -> contrib/restricted/boost
    176. 

  176. 

  177. # use GTEST target in ya.make instead of PEERDIRing contrib/restricted/googletest
    178. 

  178. # and include <library/cpp/testing/gtest.h> instead of <gtest/gtest.h> (<gmock/gmock.h>)
    179. 

  179. ALLOW contrib -> contrib/restricted/googletest
    180. 

  180. ALLOW library/cpp/testing/gmock_in_unittest -> contrib/restricted/googletest
    181. 

  181. ALLOW library/cpp/testing/gtest -> contrib/restricted/googletest
    182. 

  182. ALLOW library/cpp/testing/gtest_boost_extensions -> contrib/restricted/googletest
    183. 

  183. ALLOW library/cpp/testing/gtest_extensions -> contrib/restricted/googletest
    184. 

  184. ALLOW library/cpp/testing/gtest_main -> contrib/restricted/googletest
    185. 

  185. ALLOW library/cpp/testing/gtest_protobuf -> contrib/restricted/googletest
    186. 

  186. ALLOW library/python/testing/gtest/test/gtest -> contrib/restricted/googletest
    187. 

  187. # TODO remove this lines after they will switch to library/cpp/testing/gtest
    188. 

  188. ALLOW mail -> contrib/restricted/googletest
    189. 

  189. ALLOW maps/mobile/libs -> contrib/restricted/googletest
    190. 

  190. ALLOW maps/mobile/bundle -> contrib/restricted/googletest
    191. 

  191. ALLOW mds -> contrib/restricted/googletest
    192. 

  192. # A mere proxy to allow using gmock in libraries without being bound to specific test framework
    193. 

  193. # See IGNIETFERRO-1827 for details.
    194. 

  194. ALLOW library/cpp/testing/gmock -> contrib/restricted/googletest/googlemock
    195. 

  195. 

  196. # allow usage of MIT part
    197. 

  197. ALLOW .* -> contrib/restricted/librseq/headeronly
    198. 

  198. 

  199. # we use nfs-ganesha for Network File Store gateway
    200. 

  200. ALLOW cloud/filestore/gateway/nfs -> contrib/restricted/nfs_ganesha
    201. 

  201. 

  202. ALLOW yandex_io -> contrib/restricted/patched/hostap_client
    203. 

  203. 

  204. # Default policies:
    205. 

  205. #
    206. 

  206. # Do not restrict contrib
    207. 

  207. # All peerdirs to contrib/restricted from outside are prohibited
    208. 

  208. #
    209. 

  209. ALLOW contrib -> contrib/restricted
    210. 

  210. DENY .* -> contrib/restricted
    211.