Enum PrivacyLabel 

pub enum PrivacyLabel {
    Secret,
    AccountNumber,
    Email,
    Phone,
    Person,
    Address,
    Date,
    Url,
}

Stage 2 T0 业务标签枚举(ADR 0013)。

Variants

Secret

服务 API 密钥 / 凭证类:aws / github / anthropic / openai / jwt / pem / stripe / google / gitlab / slack / env_assignment / database_url。泄漏即越权, caller 应走 fail-closed。

AccountNumber

账户号码类(Privacy Filter private_account_number 等):银行卡 / 社保号等。

Email

邮箱:Hard email + Model private_email。

Phone

电话号码:Model private_phone。

Person

人名:Model private_person。

Address

地址:Model private_address。

Date

日期(可能是 PII 生日 / 关键事件日):Model private_date。

Url

URL / IP 类:Hard internal_ipv4 + Model private_url。 注:内网 IP 归入此类(可能是拓扑信息);公网 URL 也可能含凭证(如 Slack webhook), 但 Slack webhook 的完整结构由 Secret 承担,Url 仅承担通用 URL/IP 场景。

Implementations

impl PrivacyLabel

pub const ALL: [PrivacyLabel; 8]

全量 variant 数组(守门测试消费;同时作为“新增 variant 必测“的对账单)。

pub fn as_str(&self) -> &'static str

返回稳定的外部字面量(UI / 审计 / JSON 序列化契约)。

纪律:feedback_ssot_drift_guard —— 任何对这里字面量的修改都应同步 privacy_label_as_str_stable 精确集合测试。

pub fn from_kind(kind: &str) -> Option<PrivacyLabel>

从 Finding.kind 字面量反查标签。

覆盖两层来源:

• Hard(HARD_RULES.name):aws / github / anthropic / openai / jwt / pem / env_assignment / slack / stripe / google / gitlab / database_url / email / internal_ipv4
• Model(Privacy Filter):private_* 前缀 8 类 + 裸 secret / account_number

返回 None 表示 kind 不在封闭集合中 —— caller 可选择:

• 继续保留 Finding(本 Stage scaffold 的默认行为,兼容未来新 kind)
• 或视为 fail-closed 拒入(安全关键路径)

Trait Implementations

impl Clone for PrivacyLabel

fn clone(&self) -> PrivacyLabel

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Copy for PrivacyLabel

impl Debug for PrivacyLabel

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl Display for PrivacyLabel

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl Eq for PrivacyLabel

impl Hash for PrivacyLabel

fn hash<__H>(&self, state: &mut __H)

where __H: Hasher,

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for PrivacyLabel

fn cmp(&self, other: &PrivacyLabel) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for PrivacyLabel

fn eq(&self, other: &PrivacyLabel) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for PrivacyLabel

fn partial_cmp(&self, other: &PrivacyLabel) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl StructuralPartialEq for PrivacyLabel