Module policy_diff 

Semantic policy diff engine.

Compares two auths_policy::Expr trees and returns a structured list of semantic changes with risk classifications.

Structs

PolicyChange

A single semantic change between two policy expressions.

Enums

PolicyDiffError

Errors from policy diff operations.

Functions

compute_policy_diff

Compute the semantic diff between two compiled policy expressions.

overall_risk_score

Reduce a list of changes to a single risk label (HIGH > MEDIUM > LOW).