Expand description
Clash policy language: parsing, IR, compilation, and evaluation.
Extracted from clash::policy to break a circular dep with clash-lsp.
Policies are authored in Starlark and compiled to a uniform trie IR.
Evaluation is a single DFS pass — first match wins.
Re-exports§
pub use compile::compile_multi_level_to_tree;pub use error::CompileError;pub use error::PolicyError;pub use error::PolicyParseError;pub use ir::DecisionTrace;pub use ir::PolicyDecision;pub use ir::RuleMatch;pub use ir::RuleSkip;pub use match_tree::CompiledPolicy;pub use match_tree::IncludeEntry;pub use match_tree::PolicyManifest;
Modules§
- compile
- Compiler: Starlark JSON → CompiledPolicy.
- diff
- Tree diff utility for policy changes.
- error
- Unified error types for the policy subsystem.
- format
- Human-readable formatting for policy IR types.
- ir
- Intermediate representation (IR) types for compiled policies.
- manifest_
edit - CRUD operations on
PolicyManifesttree nodes. - match_
tree - Match tree IR — a uniform trie for policy evaluation.
- path
- Unified path resolution for sandbox enforcement.
- sandbox_
edit - CRUD operations on sandbox definitions within a
PolicyManifest. - sandbox_
types - Sandbox capability types for kernel-enforced process restrictions.
- test_
eval - Shared test parsing and evaluation for policy testing.
Enums§
- Effect
- The effect a statement produces.
- Policy
Level - Policy level — where a policy file lives in the precedence hierarchy.