rust-sanitize 0.11.0

Deterministic one-way data sanitization engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

use tracing::info;

use crate::cli_args::Cli;

pub(crate) struct CliConfigSnapshot {
    had_secrets: bool,
    had_profile: bool,
    apps: Vec<String>,
    allow: Vec<String>,
    strict: bool,
    fail_on_match: bool,
    no_structured_handoff: bool,
    deterministic: bool,
    dry_run: bool,
}

impl CliConfigSnapshot {
    pub(crate) fn capture(cli: &Cli) -> Self {
        Self {
            had_secrets: cli.secrets_file.is_some(),
            had_profile: cli.profile.is_some(),
            apps: cli.app.clone(),
            allow: cli.allow.clone(),
            strict: cli.strict,
            fail_on_match: cli.fail_on_match,
            no_structured_handoff: cli.no_structured_handoff,
            deterministic: cli.deterministic,
            dry_run: cli.dry_run,
        }
    }
}

/// Print a one-time run configuration summary to stderr so the user can see
/// exactly what secrets file, profile, and apps are active — and whether any
/// of them came from a config file rather than the command line.
pub(crate) fn print_run_header(cli: &Cli, snap: &CliConfigSnapshot, json_logs: bool) {
    if json_logs {
        info!(
            secrets = cli.secrets_file.as_ref().map(|p| p.display().to_string()).unwrap_or_default(),
            profile = cli.profile.as_ref().map(|p| p.display().to_string()).unwrap_or_default(),
            apps    = %cli.app.join(","),
            "run config"
        );
        return;
    }

    match &cli.secrets_file {
        Some(p) => {
            let ann = if !snap.had_secrets { "  [config]" } else { "" };
            eprintln!("  secrets:  {}{}", p.display(), ann);
        }
        None => {
            eprintln!("  secrets:  (none — built-in patterns only)");
        }
    }

    if let Some(p) = &cli.profile {
        let ann = if !snap.had_profile { "  [config]" } else { "" };
        eprintln!("  profile:  {}{}", p.display(), ann);
    }

    if !cli.app.is_empty() {
        let parts: Vec<String> = cli
            .app
            .iter()
            .map(|a| {
                if snap.apps.contains(a) {
                    a.clone()
                } else {
                    format!("{a}  [config]")
                }
            })
            .collect();
        eprintln!("  apps:     {}", parts.join(", "));
    }

    if !cli.allow.is_empty() {
        let parts: Vec<String> = cli
            .allow
            .iter()
            .map(|v| {
                if snap.allow.contains(v) {
                    format!("{v:?}")
                } else {
                    format!("{v:?}  [config]")
                }
            })
            .collect();
        eprintln!("  allow:    {}", parts.join(", "));
    }

    let mut flags: Vec<String> = Vec::new();
    if cli.strict {
        flags.push(if !snap.strict {
            "--strict  [config]".into()
        } else {
            "--strict".into()
        });
    }
    if cli.fail_on_match {
        flags.push(if !snap.fail_on_match {
            "--fail-on-match  [config]".into()
        } else {
            "--fail-on-match".into()
        });
    }
    if cli.no_structured_handoff {
        flags.push(if !snap.no_structured_handoff {
            "--no-structured-handoff  [config]".into()
        } else {
            "--no-structured-handoff".into()
        });
    }
    if cli.deterministic {
        flags.push(if !snap.deterministic {
            "--deterministic  [config]".into()
        } else {
            "--deterministic".into()
        });
    }
    if cli.dry_run {
        flags.push(if !snap.dry_run {
            "--dry-run  [config]".into()
        } else {
            "--dry-run".into()
        });
    }
    if !flags.is_empty() {
        eprintln!("  flags:    {}", flags.join(", "));
    }
    eprintln!();
}