Skip to main content

shakrs_json_parser/types/
config.rs

1//! Typed model of a `shakrs.json` document: version, policy enablement, and
2//! waivers.
3
4use std::collections::BTreeMap;
5
6use garde::Validate;
7use serde::{Deserialize, Serialize};
8
9use crate::types::Waiver;
10
11/// A whole `shakrs.json` document.
12#[expect(
13    clippy::module_name_repetitions,
14    reason = "ShakrsConfig is the canonical document type, named after the shakrs.json file it models, not after the `config` module."
15)]
16#[derive(Debug, Clone, Serialize, Deserialize, Validate)]
17#[serde(deny_unknown_fields)]
18pub struct ShakrsConfig {
19    /// Schema version. Only `1` is supported.
20    #[garde(range(min = 1, max = 1))]
21    pub version: u32,
22    /// Which registered policies run, and with what parameters.
23    #[serde(default)]
24    #[garde(dive)]
25    pub policies: PoliciesSection,
26    /// Per-finding suppressions.
27    #[serde(default)]
28    #[garde(dive)]
29    pub waivers: Vec<Waiver>,
30}
31
32/// The `policies` block: a baseline enablement plus per-policy overrides.
33#[derive(Debug, Clone, Serialize, Deserialize, Validate)]
34#[serde(deny_unknown_fields, rename_all = "camelCase")]
35pub struct PoliciesSection {
36    /// Enablement for every registered policy not named in `overrides`.
37    /// `true` (default) is opt-out; `false` is opt-in.
38    #[serde(default = "crate::runtime::config::default_true")]
39    #[garde(skip)]
40    pub default_enabled: bool,
41    /// Per-policy enablement and parameters, keyed by policy id. Wins over
42    /// `default_enabled` for the policies it names.
43    #[serde(default)]
44    #[garde(skip)]
45    pub overrides: BTreeMap<String, PolicyOverride>,
46}
47
48/// One entry in `policies.overrides`: either a bare boolean toggle or a
49/// detailed object carrying typed parameters.
50///
51/// `params` stays an opaque `serde_json::Value` here; the owning policy
52/// deserializes it into its own input type in the runner, not in this crate.
53#[derive(Debug, Clone, Serialize, Deserialize)]
54#[serde(untagged)]
55pub enum PolicyOverride {
56    /// Shorthand: `true`/`false` toggles the policy with default parameters.
57    Enabled(bool),
58    /// Full form: explicit enablement plus opaque parameters.
59    Detailed {
60        /// Whether the policy runs.
61        enabled: bool,
62        /// Opaque parameters, deserialized by the owning policy later.
63        #[serde(default)]
64        params: serde_json::Value,
65    },
66}