Module config 

Configuration types for the SQL query guard.

SqlGuardConfig captures the four enforcement knobs defined by phase 7.1 of the roadmap:

• operation_allowlist: which SQL operations are permitted (SELECT, INSERT, UPDATE, DELETE, DDL, other).
• table_allowlist: which tables may be referenced (case-insensitive).
• column_allowlist: optional per-table restriction on projected columns.
• denylisted_predicates: regex patterns matched against canonicalized WHERE clauses (for example to block OR 1=1 style injections).

The guard is fail-closed by default: an empty config denies every query. Operators can opt into an open configuration via SqlGuardConfig::allow_all, which the guard logs as a warning on construction.

Structs

SqlGuardConfig

Guard configuration for SqlQueryGuard.

Enums

SqlDialect

SQL dialect selector for sqlparser.

SqlOperation

Normalized SQL operation class tracked by the guard.