Expand description
§secureops-core
The shared, I/O-free heart of SecureOps. It holds:
- the type model (
types) -AuditFinding,Severity,AuditReport, … - the OpenClaw config tree (
config) it audits - the
AuditContexttrait (context) - dependency injection for all filesystem / environment access, so checks stay unit-testable against a mock - the
Checktrait (check) - one impl per audit category - scoring (
scoring) - the faithful port ofcalculateScore,computeSummaryand the MAESTRO cross-layer compound-risk pass - IOC / runtime value types (
ioc,runtime) shared by the intel, monitors and daemon crates
§Wire-format contract (PRODUCT.md A.5)
The JSON emitted here must stay byte-compatible with the TypeScript tool
for the whole migration window: both a TS shim and a Rust daemon may read and
write the same <stateDir>/.secureops/ files. Every serialized struct is
#[serde(rename_all = "camelCase")] (or an explicit case) to match the TS
field names exactly. Treat the field names as frozen.
Re-exports§
pub use check::*;pub use config::*;pub use context::*;pub use ioc::*;pub use patterns::*;pub use runtime::*;pub use scoring::*;pub use types::*;pub use util::*;
Modules§
- check
- The
Checktrait and therun_auditorchestrator. - config
- The OpenClaw configuration tree that SecureOps audits.
- context
- The
AuditContexttrait - dependency injection for every environment touch. - ioc
- IOC database + integrity-baseline value types.
- patterns
- Canonical detection-pattern sources shared across crates.
- runtime
- Runtime value types shared by monitors, hardening and the daemon.
- scoring
- Scoring and the MAESTRO cross-layer compound-risk pass.
- types
- Audit finding / report value types - the JSON wire contract.
- util
- Small, I/O-free helpers shared across the workspace.