use super::{
RuleConfigurability, RuleDefaultSeverity, RuleDefinition, RuleLanguage, RuleStatus, bindings,
};
pub(crate) const RULE_DEFINITIONS: &[RuleDefinition] = &[
RuleDefinition {
id: "rust_debug_secret",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "Debug is derived on a type that carries secret-like fields.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_domain_default_produces_invalid",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "Default is derived or implemented on a type that likely cannot have a safe default state.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_domain_float_for_money",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "Floating-point storage is used for money-like values.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_domain_impossible_combination",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "A boolean toggle is mixed with optional credentials, creating invalid-state combinations.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_domain_optional_secret_default",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "A defaultable type includes optional secret-like fields, which can hide invalid configuration.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_domain_raw_primitive",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "Business-facing data is stored as a raw primitive instead of a stronger domain type.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_serde_sensitive_deserialize",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "Deserialize is derived for sensitive fields without obvious validation.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
RuleDefinition {
id: "rust_serde_sensitive_serialize",
language: RuleLanguage::Rust,
family: "domain_modeling",
default_severity: RuleDefaultSeverity::Contextual,
status: RuleStatus::Stable,
configurability: &[
RuleConfigurability::Disable,
RuleConfigurability::Ignore,
RuleConfigurability::SeverityOverride,
],
description: "Serialize is derived for secret-like fields that may need redaction or exclusion.",
binding_location: bindings::RUST_DOMAIN_MODELING,
},
];