Enum ExtensionTrustState 

pub enum ExtensionTrustState {
    Quarantined,
    Restricted,
    Trusted,
}

Extension trust lifecycle states.

The trust lifecycle is a strict state machine:

• Quarantined → Restricted (via promotion with operator acknowledgment)
• Restricted → Trusted (via promotion with operator acknowledgment)
• Trusted → Quarantined (via demotion, immediate)
• Restricted → Quarantined (via demotion, immediate)

Transitions always require an explicit reason and produce an audit event.

Variants

Quarantined

Extension is fully quarantined: no dangerous hostcalls permitted. Default state for extensions with Block or Review install recommendations.

Restricted

Extension may execute read-only hostcalls but not write, exec, or network operations. Intermediate state requiring a second promotion to reach full trust.

Trusted

Extension is fully trusted and may exercise all policy-allowed capabilities.

Implementations

impl ExtensionTrustState

pub const fn allows_dangerous_hostcalls(self) -> bool

Whether the extension may execute dangerous hostcalls (write, exec, network, env).

pub const fn allows_read_hostcalls(self) -> bool

Whether the extension may execute read-only hostcalls (read, list, stat, tool registration).

pub const fn is_quarantined(self) -> bool

Whether the extension is in quarantine and cannot execute any hostcalls beyond registration.

Trait Implementations

impl Clone for ExtensionTrustState

fn clone(&self) -> ExtensionTrustState

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ExtensionTrustState

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for ExtensionTrustState

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for ExtensionTrustState

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Hash for ExtensionTrustState

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for ExtensionTrustState

fn cmp(&self, other: &ExtensionTrustState) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for ExtensionTrustState

fn eq(&self, other: &ExtensionTrustState) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for ExtensionTrustState

fn partial_cmp(&self, other: &ExtensionTrustState) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl Serialize for ExtensionTrustState

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Copy for ExtensionTrustState

impl Eq for ExtensionTrustState

impl StructuralPartialEq for ExtensionTrustState