Skip to main content

secureops_core/
lib.rs

1//! # secureops-core
2//!
3//! The shared, I/O-free heart of SecureOps. It holds:
4//!
5//! - the **type model** ([`types`]) - `AuditFinding`, `Severity`, `AuditReport`, …
6//! - the **OpenClaw config tree** ([`config`]) it audits
7//! - the **`AuditContext`** trait ([`context`]) - dependency injection for all
8//!   filesystem / environment access, so checks stay unit-testable against a mock
9//! - the **`Check`** trait ([`check`]) - one impl per audit category
10//! - **scoring** ([`scoring`]) - the faithful port of `calculateScore`,
11//!   `computeSummary` and the MAESTRO cross-layer compound-risk pass
12//! - **IOC / runtime** value types ([`ioc`], [`runtime`]) shared by the
13//!   intel, monitors and daemon crates
14//!
15//! ## Wire-format contract (PRODUCT.md A.5)
16//!
17//! The JSON emitted here must stay **byte-compatible** with the TypeScript tool
18//! for the whole migration window: both a TS shim and a Rust daemon may read and
19//! write the same `<stateDir>/.secureops/` files. Every serialized struct is
20//! `#[serde(rename_all = "camelCase")]` (or an explicit case) to match the TS
21//! field names exactly. Treat the field names as frozen.
22
23#![forbid(unsafe_code)]
24
25pub mod check;
26pub mod config;
27pub mod context;
28pub mod ioc;
29pub mod patterns;
30pub mod runtime;
31pub mod scoring;
32pub mod types;
33pub mod util;
34
35pub use check::*;
36pub use config::*;
37pub use context::*;
38pub use ioc::*;
39pub use patterns::*;
40pub use runtime::*;
41pub use scoring::*;
42pub use types::*;
43pub use util::*;