Expand description
Allowlist representation and matching.
A Rule is an ordered list of glob patterns. Each pattern matches one
command token positionally, with one exception: a trailing ** matches
zero or more remaining tokens. So cargo build ** accepts every
cargo build ... invocation, while cargo build * accepts exactly one
extra argument.
Patterns use the glob crate’s syntax: * matches anything within a
single token, ? matches one character, [abc] matches a character class.
Structs§
- Allowlist
- An ordered collection of rules. Rules are matched in order; the first match wins (used to surface which rule allowed a command).
- Rule
- A single allowlist entry, parsed once and matched many times.
Enums§
Functions§
- platform_
defaults - Default read-only allowlist for the current platform.