Skip to main content

sanitize_engine/
error.rs

1//! Unified error types for the sanitization engine.
2//!
3//! All fallible operations in the crate return [`Result<T>`], which is an
4//! alias for `std::result::Result<T, SanitizeError>`.
5//!
6//! Errors are categorised by subsystem (`IoError`, `SecretsError`,
7//! `ArchiveError`, …) so callers can match on the variant to decide
8//! whether to retry, skip, or abort. The [`thiserror`] derive keeps
9//! display messages actionable and grep-friendly.
10
11use thiserror::Error;
12
13/// All errors that can occur within the sanitization engine.
14#[derive(Debug, Error)]
15#[non_exhaustive]
16pub enum SanitizeError {
17    #[error("replacement store capacity exceeded: {current} mappings (limit: {limit})")]
18    CapacityExceeded { current: usize, limit: usize },
19
20    #[error("invalid seed length: expected 32 bytes, got {0}")]
21    InvalidSeedLength(usize),
22
23    #[error("I/O error: {0}")]
24    IoError(String),
25
26    #[error("parse error ({format}): {message}")]
27    ParseError { format: String, message: String },
28
29    #[error("recursion depth exceeded: {0}")]
30    RecursionDepthExceeded(String),
31
32    #[error("input too large: {size} bytes (limit: {limit})")]
33    InputTooLarge { size: usize, limit: usize },
34
35    #[error("pattern compilation error: {0}")]
36    PatternCompileError(String),
37
38    #[error("invalid configuration: {0}")]
39    InvalidConfig(String),
40
41    #[error("secrets: empty password")]
42    SecretsEmptyPassword,
43
44    #[error("secrets: encrypted file too short (corrupt or truncated)")]
45    SecretsTooShort,
46
47    #[error("secrets: decryption failed — wrong password or corrupted file")]
48    SecretsDecryptFailed,
49
50    #[error("secrets: cipher error: {0}")]
51    SecretsCipherError(String),
52
53    #[error("secrets: {format} error: {message}")]
54    SecretsFormatError { format: String, message: String },
55
56    #[error("secrets: invalid UTF-8: {0}")]
57    SecretsInvalidUtf8(String),
58
59    #[error("secrets: no password provided — file appears encrypted but --encrypted-secrets was not specified")]
60    SecretsPasswordRequired,
61
62    #[error("archive error: {0}")]
63    ArchiveError(String),
64}
65
66impl From<std::io::Error> for SanitizeError {
67    fn from(e: std::io::Error) -> Self {
68        SanitizeError::IoError(e.to_string())
69    }
70}
71
72pub type Result<T> = std::result::Result<T, SanitizeError>;