Function spawn_watcher 

pub fn spawn_watcher(
    engine: Arc<RwLock<Engine>>,
    policy_paths: Vec<PathBuf>,
    extends_resolver: Option<ExtendsResolver>,
) -> Result<(JoinHandle<()>, RecommendedWatcher), Box<dyn Error>>

Spawns a filesystem watcher task that reloads policies on change.

Returns a JoinHandle for the watcher task and the underlying RecommendedWatcher (which must be kept alive for watching to continue).

Arguments

• engine — Shared engine to swap on successful reload
• policy_paths — Paths to policy YAML files to watch
• extends_resolver — Optional callback to resolve extends directives

Behavior

• Debounces filesystem events (300ms) to coalesce rapid saves
• On change: re-reads all policy files, builds a new engine, swaps atomically
• On parse error: logs the error to stderr, keeps the previous valid engine
• All output goes to stderr (safe for stdio proxy mode)