hackamore-policy 0.1.0

Pure policy engine for hackamore: decide(Action, Policy) -> Verdict, no I/O
Documentation
  • Coverage
  • 100%
    2 out of 2 items documented0 out of 1 items with examples
  • Size
  • Source code size: 31.65 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 327.25 kB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 19s Average build duration of successful builds.
  • all releases: 19s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • zhxiaogg/hackamore
    0 0 1
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • zhxiaogg

The hackamore policy engine — the reusable decision core.

Its entire public surface is one pure function, [decide]: given a normalized [Action] and an agent's [Policy], it returns a [Verdict]. No I/O, no HTTP, no async, no awareness that a proxy exists. That narrowness is the point: any data plane (the bundled reverse proxy today, an Envoy ext_authz adapter tomorrow) can reuse it by translating its request into an Action and enforcing the Verdict.

Semantics: rules are evaluated top-to-bottom, first match wins, and if no rule matches the action is denied (fail closed). An Allow is bare: the engine names no credentials — the matched service instance owns its credential, and the data plane attaches the inject/passthrough obligation.