1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
use fmt;
use ;
/// Wire types generated at build time from canopy's OpenAPI document.
///
/// These are the canonical request and response types for canopy's API, and the
/// ones to reach for first. The build script fetches the live spec and
/// regenerates them, so they track canopy as it evolves and nothing here is
/// hand-maintained or committed. Each type carries the schema's own description
/// as rustdoc. (A failed fetch fails the build rather than silently using the
/// committed snapshot, which is reserved for docs.rs and explicit offline
/// builds — see the build script.)
///
/// Naming follows canopy's schema: request bodies are `…Args` (e.g.
/// [`BackupCredentialsArgs`], [`ReportArgs`], [`BackupCapabilitiesArgs`]), and
/// credentials come back as [`CredentialProcessOutput`].
///
/// The generated source is rewritten in two ways the raw JSON Schema can't
/// express (see the build script): timestamp fields are [`jiff::Timestamp`]
/// rather than strings, and credential secrets (`secret_access_key`,
/// `session_token`, `repo_password`) are wrapped in [`Redacted`] so they never
/// surface in `Debug` output or logs — read them through the inner value.
///
/// [`CanopyClient`] has one generated method per endpoint (also emitted from the
/// spec into this module — e.g. `backup_credentials`, `restore_worklist`,
/// `tags`), taking and returning these types; that's how you call canopy. The
/// method name is the path (`/backup-credentials` → `backup_credentials`), verb-
/// prefixed only where a path is served by several verbs. `backup_target`'s
/// dormant-device case is read from its result via [`TargetOutcome::from_result`];
/// any non-2xx surfaces as [`CanopyHttpError`]. The generic
/// `get`/`request`/`request_json` escape hatch is behind the off-by-default
/// `raw-requests` feature — reach for it only for something the generated methods
/// don't cover.
///
/// [`BackupCredentialsArgs`]: schema::BackupCredentialsArgs
/// [`ReportArgs`]: schema::ReportArgs
/// [`BackupCapabilitiesArgs`]: schema::BackupCapabilitiesArgs
/// [`CredentialProcessOutput`]: schema::CredentialProcessOutput
pub use ;
pub use ;
pub use reqwest;
/// Wraps a sensitive value so its `Debug` output doesn't leak the contents.
;