kz-proxy 0.2.0

MITM proxy and subprocess sandbox for blind secret injection

Coverage
69.57%
16 out of 23 items documented0 out of 0 items with examples
Size
Source code size: 104.67 kB This is the summed size of all the files inside the crates.io package for this release.
Documentation size: 1.12 MB This is the summed size of all files generated by rustdoc for all configured targets
Ø build duration
this release: 3m 23s Average build duration of successful builds.
all releases: 2m 54s Average build duration of successful builds in releases after 2024-10-23.
Links
Homepage
Repository
crates.io
Dependencies
Versions
- 0.2.0 (2026-04-02)
- 0.1.0 (2026-04-01)
Owners

kz-proxy: run a subprocess with masked secrets and an HTTP proxy that rewrites tokens.

The main type is [Sandbox]: build it from a [SandboxConfig] (with optional [SecretMapping]s, [StringMapping]s, and connection allow/deny rules), then call [Sandbox::run] to execute a shell command with masked env vars and proxied HTTP that rewrites tokens to real secrets.

The proxy is implemented with the hyper stack so that HTTP parsing, Content-Length, chunked encoding, and CONNECT tunneling follow RFC 7230/9110.