phalus 0.6.0

Private Headless Automated License Uncoupling System — AI-powered clean room software reimplementation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265

use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
use std::collections::HashMap;

pub mod agents;
pub mod audit;
pub mod cache;
pub mod config;
pub mod docs;
pub mod firewall;
pub mod license;
pub mod manifest;
pub mod pipeline;
pub mod registry;
pub mod sbom;
pub mod scan;
pub mod store;
pub mod validator;
pub mod web;

// ---------------------------------------------------------------------------
// Ecosystem
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum Ecosystem {
    Npm,
    PyPI,
    Crates,
    Go,
}

impl std::fmt::Display for Ecosystem {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            Ecosystem::Npm => write!(f, "npm"),
            Ecosystem::PyPI => write!(f, "pypi"),
            Ecosystem::Crates => write!(f, "crates"),
            Ecosystem::Go => write!(f, "go"),
        }
    }
}

// ---------------------------------------------------------------------------
// Manifest types
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PackageRef {
    pub name: String,
    pub version_constraint: String,
    pub ecosystem: Ecosystem,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ParsedManifest {
    pub manifest_type: String,
    pub packages: Vec<PackageRef>,
}

// ---------------------------------------------------------------------------
// Registry / metadata types
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PackageMetadata {
    pub name: String,
    pub version: String,
    pub ecosystem: Ecosystem,
    pub description: Option<String>,
    pub license: Option<String>,
    pub repository_url: Option<String>,
    pub homepage_url: Option<String>,
    pub unpacked_size: Option<u64>,
    pub registry_url: String,
}

// ---------------------------------------------------------------------------
// Documentation types
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct DocEntry {
    pub name: String,
    pub content: String,
    pub source_url: Option<String>,
    pub content_hash: String,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Documentation {
    pub package: PackageMetadata,
    pub documents: Vec<DocEntry>,
    pub content_hash: String,
}

// ---------------------------------------------------------------------------
// CSP (Clean-Shot Package) types
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct CspDocument {
    pub filename: String,
    pub content: String,
    pub content_hash: String,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct CspSpec {
    pub package_name: String,
    pub package_version: String,
    pub documents: Vec<CspDocument>,
    pub generated_at: DateTime<Utc>,
}

// ---------------------------------------------------------------------------
// Implementation type
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Implementation {
    pub package_name: String,
    pub files: HashMap<String, String>,
    pub target_language: String,
}

// ---------------------------------------------------------------------------
// Validation types
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SimilarityReport {
    pub token_similarity: f64,
    pub name_overlap: f64,
    pub string_overlap: f64,
    pub structural_similarity: f64,
    pub overall_score: f64,
    pub threshold: f64,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum Verdict {
    Pass,
    Fail,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ValidationReport {
    pub package: PackageMetadata,
    pub syntax_ok: bool,
    pub tests_passed: u32,
    pub tests_failed: u32,
    pub api_coverage: f64,
    pub license_ok: bool,
    pub similarity: SimilarityReport,
    pub verdict: Verdict,
}

// ---------------------------------------------------------------------------
// License template resolution
// ---------------------------------------------------------------------------

pub fn resolve_license_text(license_id: &str, year: &str, holder: &str) -> Option<String> {
    let template = match license_id {
        "mit" => include_str!("../licenses/mit.txt"),
        "apache-2.0" => include_str!("../licenses/apache-2.0.txt"),
        "bsd-2" => include_str!("../licenses/bsd-2.txt"),
        "bsd-3" => include_str!("../licenses/bsd-3.txt"),
        "isc" => include_str!("../licenses/isc.txt"),
        "unlicense" => include_str!("../licenses/unlicense.txt"),
        "cc0" => include_str!("../licenses/cc0.txt"),
        _ => return None,
    };
    Some(template.replace("{year}", year).replace("{holder}", holder))
}

// ---------------------------------------------------------------------------
// License scanning types (Phase 1)
// ---------------------------------------------------------------------------

/// SPDX-canonical license classification bucket.
#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)]
#[serde(rename_all = "kebab-case")]
pub enum LicenseClass {
    Permissive,
    CopyleftWeak,
    CopyleftStrong,
    Proprietary,
    Unknown,
}

impl std::fmt::Display for LicenseClass {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            LicenseClass::Permissive => write!(f, "permissive"),
            LicenseClass::CopyleftWeak => write!(f, "copyleft-weak"),
            LicenseClass::CopyleftStrong => write!(f, "copyleft-strong"),
            LicenseClass::Proprietary => write!(f, "proprietary"),
            LicenseClass::Unknown => write!(f, "unknown"),
        }
    }
}

/// A single package discovered during a scan with its resolved license.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ScannedPackage {
    pub name: String,
    pub version: String,
    pub ecosystem: Ecosystem,
    /// Raw license string as found in the manifest or registry.
    pub raw_license: Option<String>,
    /// Normalized SPDX identifier (e.g. "MIT", "Apache-2.0").
    pub spdx_license: Option<String>,
    /// High-level classification bucket.
    pub classification: LicenseClass,
    /// Where the license information came from ("manifest", "registry", "sbom").
    pub source: String,
}

/// The result of a single scan run.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ScanResult {
    pub id: String,
    pub path: String,
    pub scanned_at: DateTime<Utc>,
    pub packages: Vec<ScannedPackage>,
    pub manifest_files: Vec<String>,
    pub sbom_files: Vec<String>,
}

// ---------------------------------------------------------------------------
// Mode / language enums
// ---------------------------------------------------------------------------

#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum IsolationMode {
    Context,
    Process,
    Container,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum TargetLanguage {
    Same,
    Rust,
    Go,
    Python,
    TypeScript,
}

impl std::fmt::Display for TargetLanguage {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            TargetLanguage::Same => write!(f, "same"),
            TargetLanguage::Rust => write!(f, "rust"),
            TargetLanguage::Go => write!(f, "go"),
            TargetLanguage::Python => write!(f, "python"),
            TargetLanguage::TypeScript => write!(f, "typescript"),
        }
    }
}