cerberust 0.1.0

Fast Rust guardrails for LLM input/output — composable scanners (PII, secrets, prompt-injection) and streaming middleware.
Documentation
# cargo-deny configuration. Run `cargo deny check` before publishing.

[advisories]
version = 2
yanked = "deny"
# `paste` is an archived, no-longer-maintained proc-macro pulled transitively by
# `tokenizers` (a Hugging Face crate) only with the `prompt-injection` feature.
# It is a compile-time-only macro with no runtime code or attack surface, and
# `tokenizers` has no released version that drops it. The advisory is
# unmaintained, not a vulnerability; ignore it until `tokenizers` migrates.
ignore = ["RUSTSEC-2024-0436"]

[licenses]
version = 2
# This crate is MIT OR Apache-2.0; accept the permissive set its dependencies
# use, plus the Unicode-3.0 license that `unicode-ident` (a regex dependency)
# carries.
#
# BSD-3-Clause and Zlib enter only with the `wasm` feature's wasmtime tree and
# are both OSI-approved permissive licenses compatible with MIT/Apache-2.0:
#   BSD-3-Clause — `encoding_rs` carries `(Apache-2.0 OR MIT) AND BSD-3-Clause`
#                  (a bundled charset test table is BSD-3, mandatory via AND).
#   Zlib         — `foldhash` (the default hashbrown hasher) is Zlib-only.
# ISC and CDLA-Permissive-2.0 enter only with the `prompt-injection` feature, and
# only as build-time dependencies of `ort-sys` — `ureq` fetches the prebuilt ONNX
# Runtime and checksum-verifies it. Neither links into the final binary; both are
# permissive and compatible with MIT/Apache-2.0:
#   ISC                  — `hmac-sha256` (the download checksum), the OpenBSD-style
#                          MIT-equivalent license.
#   CDLA-Permissive-2.0  — `webpki-root-certs` (TLS roots for the build-time
#                          download), an OSI-compatible permissive data license.
# Run `cargo deny --all-features check` to evaluate the wasm and prompt-injection
# trees; the default `cargo deny check` prunes the optional features and would
# not see these.
allow = [
    "MIT",
    "Apache-2.0",
    "Apache-2.0 WITH LLVM-exception",
    "Unicode-3.0",
    "BSD-3-Clause",
    "Zlib",
    "ISC",
    "CDLA-Permissive-2.0",
]
confidence-threshold = 0.9

[bans]
# A new crate pulling in a second version of an already-present dependency is a
# warning to investigate, not an error.
multiple-versions = "warn"
wildcards = "deny"

[sources]
unknown-registry = "deny"
unknown-git = "deny"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]