Expand description
§Determinism Configuration and Enforcement
This module provides the core determinism guarantees that make DDEX Builder unique in the market. By ensuring byte-perfect reproducible output, we enable supply chain integrity, reproducible builds, and cryptographic signing.
§Core Principle
Same Input = Identical Output, Always
DDEX Builder guarantees that identical logical input will always produce byte-identical XML output, regardless of:
- Build environment (dev, CI, production)
- Operating system (Windows, macOS, Linux)
- Hardware architecture (x86, ARM, M1/M2)
- Rust version or compiler flags
- Time of day or system locale
§Why Determinism Matters
Deterministic Benefits
┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐
│ Supply Chain │ │ Reproducible │ │ Digital │
│ Integrity │ │ Builds │ │ Signatures │
└─────────────────┘ └──────────────────┘ └─────────────────┘
│ │ │
▼ ▼ ▼
┌─────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ • Audit │ │ • CI/CD Cache │ │ • Crypto Valid │
│ • Verify │ │ • Artifact │ │ • Non-repudiat │
│ • Trust │ │ Dedup │ │ • Compliance │
│ • Detect │ │ • Build Reprod │ │ • Legal Proof │
└─────────────┘ └─────────────────┘ └─────────────────┘§Implementation Strategy
CRITICAL: This module ensures deterministic output by using IndexMap
everywhere instead of HashMap/HashSet. The clippy configuration enforces this.
§Key Components
- DB-C14N/1.0 Canonicalization: Our custom canonicalization spec
- Deterministic Data Structures: IndexMap for stable iteration order
- Fixed Randomness Sources: Locked namespace prefixes and IDs
- Normalized Formatting: Consistent whitespace, encoding, line endings
- Time Zone Handling: UTC normalization for timestamps
§Configuration Example
use ddex_builder::determinism::*;
use indexmap::IndexMap;
let mut config = DeterminismConfig::default();
// Enable strict determinism verification
config.verify_determinism = Some(5); // Test with 5 iterations
// Lock namespace prefixes
config.locked_prefixes.insert(
"http://ddex.net/xml/ern/43".to_string(),
"ern".to_string()
);
// Use custom element ordering
let mut release_order = IndexMap::new();
release_order.insert("Release".to_string(), vec![
"ReleaseReference".to_string(),
"ReleaseId".to_string(),
"ReferenceTitle".to_string(),
]);
config.custom_sort_order = Some(release_order);
// Apply configuration to builder
let mut builder = Builder::new();
builder.set_determinism_config(config);§Verification Process
The determinism verification process works by:
- Build XML using the same input multiple times
- Compare Bytes - every byte must be identical
- Hash Verification - SHA-256 hashes must match
- Failure Detection - any variance triggers detailed diff analysis
// Automatic verification during build
let config = DeterminismConfig {
verify_determinism: Some(3), // 3 verification rounds
..Default::default()
};
let result = builder.build_with_verification(&request, &config)?;
// If determinism fails, build returns detailed error with diff§Performance Impact
Determinism adds minimal overhead:
- +0.1-0.5ms for IndexMap vs HashMap
- +1-3ms for verification when enabled
- +5-10% memory for deterministic data structures
- Zero impact on functionality or correctness
The performance cost is negligible compared to the benefits of supply chain integrity and reproducible builds.
Structs§
- Determinism
Config - Determinism configuration for XML generation
- Determinism
Difference - Information about a determinism difference
- Determinism
Result - Determinism verification result
- Determinism
Stats - Runtime statistics for determinism verification
- Determinism
Verifier - Determinism verifier with comprehensive analysis
- Difference
Context - Context around a difference
- Hash
Difference - Hash comparison details
- Length
Difference - Length comparison details
Enums§
- Canon
Mode - Canonicalization mode
- Date
Time Format - Date/time format
- Indent
Char - Indentation character
- Line
Ending - Line ending style
- Namespace
Strategy - Namespace handling strategy
- Output
Mode - Output formatting mode
- Quote
Style - Quote style for attributes
- Sort
Strategy - Element ordering strategy
- Time
Zone Policy - Time zone policy
- Unicode
Normalization - Unicode normalization form
- XmlCharacter
Policy - XML character handling policy