Evidence

Enum Evidence 

pub enum Evidence {
    HttpStatus(u16),
    HeaderPresent {
        name: String,
        value: Option<String>,
    },
    HeaderMissing {
        name: String,
    },
    BodyMutatedBeforeVerification,
    SignatureMismatch,
    ClockDriftSecs {
        observed: i64,
        tolerance_secs: u64,
    },
    RetryAfterSecs(u64),
    RateLimitObserved {
        observed_rps: u32,
        limit_rps: u32,
    },
    DnsResolutionFailed {
        host: String,
        message: String,
    },
    TlsHandshakeFailed {
        peer: String,
        reason: String,
    },
    ConnectionTimeout {
        elapsed_ms: u64,
        timeout_ms: u64,
    },
    JsonValidationError {
        field: Option<String>,
        message: String,
    },
}
A single normalized signal extracted from a request/response, env context, or a log line.

Variants are intentionally narrow: each one corresponds to a fact a support engineer would write in an escalation note. Inference belongs in diagnose(), not here. If you find yourself wanting to add a variant whose name is a hypothesis (“PossibleAuthMisconfig”), it belongs in prose.toml as a hypothesis string for an existing rule, not as new evidence.

Evidence implements Serialize so the JSON-envelope prompt renderer can emit each variant directly. The #[serde(tag = "kind")] attribute means each variant serializes as {"kind": "VariantName", ...fields}, which gives every variant a stable JSON discriminator without writing a hand-rolled serializer.

Variants

HttpStatus(u16)

Final HTTP status code observed on the response. Absent for connection-layer failures (DNS, TLS, timeout) where no response was received.

HeaderPresent

A request header that was present. The value is masked (e.g. "***" for Authorization) — we don’t surface secret material in rendered output.

Fields

§name: String

HeaderMissing

A request header that the rule was looking for but did not find. Currently produced only for Authorization (used by the auth_missing rule).

Fields

§name: String

BodyMutatedBeforeVerification

The request body was modified by middleware between transmission and verification. The webhook signature rule cares about this because re-encoding even idempotent JSON changes the byte stream that HMAC was computed over.

SignatureMismatch

HMAC signature verification failed. Sourced from log markers reason=signature_mismatch or signature verification failed.

ClockDriftSecs

Clock skew between the signature timestamp and the server clock, expressed in absolute seconds (observed.abs()). Only emitted when the magnitude exceeds tolerance_secs. Sign is dropped to keep dedup simple — |skew| > tol is what the verifier checks.

Fields

§observed: i64
§tolerance_secs: u64
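
The emission rule above as a runnable sketch. This is an added example, not the crate's own code: the helpers `clock_drift` and `collect` and the sample timestamps are assumptions. It widens the subtraction so extreme timestamps cannot overflow, and shows opposite-signed skews collapsing to one evidence value.

```rust
// Added illustration: mirrors only the ClockDriftSecs variant documented above.
#[derive(Debug, Clone, PartialEq, Eq)]
enum Evidence {
    ClockDriftSecs { observed: i64, tolerance_secs: u64 },
}

/// Hypothetical helper: compare the signature timestamp with the server clock
/// (both Unix seconds) and emit evidence only when |skew| > tolerance.
fn clock_drift(sig_ts: i64, server_ts: i64, tolerance_secs: u64) -> Option<Evidence> {
    // Widen to i128: i64 subtraction (and i64::abs on i64::MIN) can overflow
    // when the timestamp is attacker-supplied.
    let skew = i128::from(sig_ts) - i128::from(server_ts);
    let magnitude = skew.unsigned_abs();
    if magnitude <= u128::from(tolerance_secs) {
        return None; // inside the window: nothing to report
    }
    // The field is i64, so saturate instead of wrapping.
    let observed = i64::try_from(magnitude).unwrap_or(i64::MAX);
    Some(Evidence::ClockDriftSecs { observed, tolerance_secs })
}

/// Collect drift evidence for several deliveries, dropping duplicates.
/// Because the sign is gone, +400 s and -400 s are the same observation.
fn collect(deliveries: &[(i64, i64)], tolerance_secs: u64) -> Vec<Evidence> {
    let mut out = Vec::new();
    for &(sig_ts, server_ts) in deliveries {
        if let Some(ev) = clock_drift(sig_ts, server_ts, tolerance_secs) {
            if !out.contains(&ev) {
                out.push(ev);
            }
        }
    }
    out
}

// Constructed sample: (signature timestamp, server clock) pairs.
const DELIVERIES: [(i64, i64); 3] = [
    (1_700_000_000, 1_700_000_120), // 120 s behind, inside a 300 s window
    (1_700_000_400, 1_700_000_000), // 400 s ahead
    (1_700_000_000, 1_700_000_400), // 400 s behind
];

fn main() {
    println!("{:?}", collect(&DELIVERIES, 300));
}
```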

RetryAfterSecs(u64)

Server-supplied Retry-After value in seconds, parsed from the response header.

RateLimitObserved

Observed request rate vs the account’s documented per-second limit, sourced from log markers like burst above limit observed_rps=X limit_rps=Y.

Fields

§observed_rps: u32
§limit_rps: u32

DnsResolutionFailed

DNS resolution failed for the given host. Both fields are required when this is emitted from a log line — see the parser comments for why an abort line without host= is intentionally skipped.

Fields

§host: String
§message: String

TlsHandshakeFailed

TLS handshake to the given peer failed before any HTTP request was sent. Same parser-strictness contract as DnsResolutionFailed: the marker substring without a peer= token is descriptive prose, not a fresh observation.

Fields

§peer: String
§reason: String

ConnectionTimeout

The client aborted the request because the upstream did not respond inside the budget. Both fields together prove the abort was on the client side (elapsed >= timeout).

Fields

§elapsed_ms: u64
§timeout_ms: u64

JsonValidationError

Server-side schema validation rejected the request. field is the failing field name when the server identified one (most common); message is the validation error string.

Fields

§message: String
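
The log-sourced variants above (SignatureMismatch, RateLimitObserved, DnsResolutionFailed) and the parser-strictness contract, sketched as a small extractor. This is an added example, not the crate's parser: the `dns resolution failed` marker, the `error=` token, and the helper names are assumptions, and the log lines are constructed.

```rust
// Added illustration: a local mirror of three variants, not the crate's own parser.
#[derive(Debug, PartialEq, Eq)]
enum Evidence {
    SignatureMismatch,
    RateLimitObserved { observed_rps: u32, limit_rps: u32 },
    DnsResolutionFailed { host: String, message: String },
}

/// Value of a whitespace-delimited `key=value` token, if present and non-empty.
fn token<'a>(line: &'a str, key: &str) -> Option<&'a str> {
    line.split_whitespace()
        .find_map(|t| t.strip_prefix(key)?.strip_prefix('='))
        .filter(|v| !v.is_empty())
}

/// One line in, at most one observation out; `?` drops a marker that lacks its tokens.
fn parse_line(line: &str) -> Option<Evidence> {
    if line.contains("reason=signature_mismatch") || line.contains("signature verification failed") {
        return Some(Evidence::SignatureMismatch);
    }
    if line.contains("burst above limit") {
        return Some(Evidence::RateLimitObserved {
            observed_rps: token(line, "observed_rps")?.parse().ok()?,
            limit_rps: token(line, "limit_rps")?.parse().ok()?,
        });
    }
    if line.contains("dns resolution failed") { // assumed marker
        return Some(Evidence::DnsResolutionFailed {
            host: token(line, "host")?.to_string(),
            message: token(line, "error")?.to_string(), // assumed token name
        });
    }
    None
}

fn extract(log: &str) -> Vec<Evidence> {
    log.lines().filter_map(parse_line).collect()
}

// Constructed sample log: lines 4 and 5 carry a marker but are not evidence.
const SAMPLE: &str = "\
2024-05-01T10:00:00Z WARN webhook rejected reason=signature_mismatch
2024-05-01T10:00:01Z WARN burst above limit observed_rps=120 limit_rps=100
2024-05-01T10:00:02Z ERROR dns resolution failed host=api.example.test error=NXDOMAIN
2024-05-01T10:00:03Z INFO aborting after dns resolution failed earlier
2024-05-01T10:00:04Z WARN burst above limit observed_rps=n/a limit_rps=100";

fn main() {
    println!("{:#?}", extract(SAMPLE));
}
```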

Trait Implementations

impl Clone for Evidence

fn clone(&self) -> Evidence

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Evidence

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for Evidence

fn eq(&self, other: &Evidence) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for Evidence

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for Evidence

impl StructuralPartialEq for Evidence

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.