7cab57b645
Some checks failed
CI/CD Pipeline / Test Suite (push) Has been cancelled
CI/CD Pipeline / Security Audit (push) Has been cancelled
CI/CD Pipeline / Build Docker Image (push) Has been cancelled
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
CI/CD Pipeline / Performance Benchmarks (push) Has been cancelled
CI/CD Pipeline / Cleanup (push) Has been cancelled
369 lines
12 KiB
TOML
369 lines
12 KiB
TOML
# =============================================================================
|
|
# Rustelo Framework Integrity Manifest
|
|
# =============================================================================
|
|
# This file defines the protected boundaries of the Rustelo framework and
|
|
# the rules that implementations must follow to remain compatible with updates.
|
|
|
|
[framework]
|
|
name = "rustelo"
|
|
version = "0.1.0"
|
|
integrity_version = "1.0"
|
|
compatibility_level = "stable"
|
|
description = "Modular, feature-based Rust web framework built on Leptos and Axum"
|
|
|
|
# =============================================================================
|
|
# PROTECTED PATHS - Framework core that cannot be directly modified
|
|
# =============================================================================
|
|
|
|
[[protected_paths]]
|
|
path = "crates/foundation/crates/core-lib/src/lib.rs"
|
|
reason = "Core framework interface and module exports"
|
|
alternatives = [
|
|
"Implement traits in your own crates",
|
|
"Use extension points for customization",
|
|
"Create component overrides in approved locations"
|
|
]
|
|
|
|
[[protected_paths]]
|
|
path = "crates/foundation/crates/core-lib/src/routing/"
|
|
reason = "Core routing system and engine"
|
|
alternatives = [
|
|
"Use route configuration in config/routes/*.toml",
|
|
"Create custom route handlers via trait implementations",
|
|
"Override routing behavior through layered configuration"
|
|
]
|
|
|
|
[[protected_paths]]
|
|
path = "crates/foundation/crates/core-lib/src/layered_override.rs"
|
|
reason = "Layered override system implementation"
|
|
alternatives = [
|
|
"Use layered override system for customization",
|
|
"Create local overrides in config/local/",
|
|
"Add feature-specific overrides in config/features/"
|
|
]
|
|
|
|
[[protected_paths]]
|
|
path = "crates/foundation/crates/core-lib/src/integrity.rs"
|
|
reason = "Framework integrity protection system"
|
|
alternatives = [
|
|
"Report integrity issues to framework maintainers",
|
|
"Use approved extension points for validation customization"
|
|
]
|
|
|
|
[[protected_paths]]
|
|
path = "templates/shared/"
|
|
reason = "Core template system used for project generation"
|
|
alternatives = [
|
|
"Create local template overrides in config/local/",
|
|
"Add feature-specific templates in features/*/templates/",
|
|
"Use layered override system for template customization"
|
|
]
|
|
|
|
[[protected_paths]]
|
|
path = "crates/templates/rustelo-cli/src/"
|
|
reason = "Core CLI functionality for framework management"
|
|
alternatives = [
|
|
"Request new CLI features through framework issues",
|
|
"Create custom CLI extensions as separate crates",
|
|
"Use CLI hooks and plugins for customization"
|
|
]
|
|
|
|
# =============================================================================
|
|
# REQUIRED TRAIT IMPLEMENTATIONS - Must be implemented for compatibility
|
|
# =============================================================================
|
|
|
|
[[required_traits]]
|
|
trait_name = "ContentLoader"
|
|
implementation_path = "src/content/loader.rs"
|
|
required_methods = ["load", "validate", "cache_key"]
|
|
compatibility_version = "1.0"
|
|
description = "Content loading and validation interface"
|
|
|
|
[[required_traits]]
|
|
trait_name = "RouteHandler"
|
|
implementation_path = "src/routing/handlers.rs"
|
|
required_methods = ["handle_request", "supports_route"]
|
|
compatibility_version = "1.0"
|
|
description = "Request handling interface for routing system"
|
|
|
|
[[required_traits]]
|
|
trait_name = "ConfigResolver"
|
|
implementation_path = "src/config/resolver.rs"
|
|
required_methods = ["resolve", "validate"]
|
|
compatibility_version = "1.0"
|
|
description = "Configuration resolution interface"
|
|
|
|
[[required_traits]]
|
|
trait_name = "ComponentRenderer"
|
|
implementation_path = "src/components/renderer.rs"
|
|
required_methods = ["render", "supports_component"]
|
|
compatibility_version = "1.0"
|
|
description = "Component rendering interface"
|
|
|
|
# =============================================================================
|
|
# SAFE EXTENSION POINTS - Approved locations for customization
|
|
# =============================================================================
|
|
|
|
[[extension_points]]
|
|
name = "custom_components"
|
|
location = "src/components/custom/"
|
|
allowed_modifications = ["create", "modify", "delete"]
|
|
description = "Custom UI components that don't conflict with framework components"
|
|
|
|
[[extension_points]]
|
|
name = "content_processors"
|
|
location = "src/content/processors/"
|
|
allowed_modifications = ["create", "extend"]
|
|
description = "Custom content processing logic and transformations"
|
|
|
|
[[extension_points]]
|
|
name = "local_configuration"
|
|
location = "config/local/"
|
|
allowed_modifications = ["create", "modify"]
|
|
description = "Local configuration overrides with highest precedence"
|
|
|
|
[[extension_points]]
|
|
name = "feature_extensions"
|
|
location = "src/features/"
|
|
allowed_modifications = ["create", "extend"]
|
|
description = "Feature-specific implementations and extensions"
|
|
|
|
[[extension_points]]
|
|
name = "custom_middleware"
|
|
location = "src/middleware/"
|
|
allowed_modifications = ["create", "register"]
|
|
description = "Custom middleware for request/response processing"
|
|
|
|
[[extension_points]]
|
|
name = "custom_templates"
|
|
location = "templates/custom/"
|
|
allowed_modifications = ["create", "modify"]
|
|
description = "Custom templates for code generation and scaffolding"
|
|
|
|
[[extension_points]]
|
|
name = "asset_processors"
|
|
location = "src/assets/processors/"
|
|
allowed_modifications = ["create", "extend"]
|
|
description = "Custom asset processing and optimization logic"
|
|
|
|
# =============================================================================
|
|
# FORBIDDEN PATTERNS - Patterns that break framework compatibility
|
|
# =============================================================================
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''hardcoded_routes\s*=\s*\['''
|
|
reason = "Hardcoded routes bypass the configuration-driven routing system"
|
|
suggested_alternative = "Use route configuration in config/routes/*.toml files"
|
|
severity = "Critical"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''pub\s+mod\s+core_lib\s*\{'''
|
|
reason = "Direct framework core modification breaks update compatibility"
|
|
suggested_alternative = "Implement traits and use extension points instead"
|
|
severity = "Critical"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''unsafe\s*\{'''
|
|
reason = "Unsafe code bypasses framework safety guarantees and may break updates"
|
|
suggested_alternative = "Use safe alternatives or request framework extension"
|
|
severity = "High"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''include_str!\s*\(\s*"\.\.\/'''
|
|
reason = "Relative includes bypass the framework asset and resource systems"
|
|
suggested_alternative = "Use framework asset loading APIs and environment variables"
|
|
severity = "Medium"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''use\s+rustelo_core::(?!.*pub)'''
|
|
reason = "Direct internal imports may break when framework internals change"
|
|
suggested_alternative = "Use public APIs through the main crate interface"
|
|
severity = "Medium"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''\.unwrap\s*\(\s*\)'''
|
|
reason = "Unwrap calls can cause panics and break application stability"
|
|
suggested_alternative = "Use proper error handling with Result<T, E> and ? operator"
|
|
severity = "Medium"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''panic!\s*\('''
|
|
reason = "Explicit panics should be avoided in production code"
|
|
suggested_alternative = "Return errors through Result types for proper handling"
|
|
severity = "Low"
|
|
|
|
[[forbidden_patterns]]
|
|
pattern = '''/[^/\s"]+/[^/\s"]+'''
|
|
reason = "Hardcoded paths should use configuration or environment variables"
|
|
suggested_alternative = "Use config files or environment variables for paths"
|
|
severity = "Medium"
|
|
|
|
# =============================================================================
|
|
# UPDATE COMPATIBILITY INFORMATION
|
|
# =============================================================================
|
|
|
|
[update_compatibility]
|
|
breaking_changes_policy = "semantic_versioning"
|
|
migration_assistance = true
|
|
automated_migration = [
|
|
"configuration",
|
|
"dependencies",
|
|
"template_updates",
|
|
"deprecated_api_updates"
|
|
]
|
|
manual_migration = [
|
|
"trait_signature_changes",
|
|
"major_api_redesigns",
|
|
"architectural_changes",
|
|
"security_model_updates"
|
|
]
|
|
|
|
# =============================================================================
|
|
# VALIDATION RULES AND THRESHOLDS
|
|
# =============================================================================
|
|
|
|
[validation_rules]
|
|
# Minimum compatibility score (0.0-1.0) required for safe updates
|
|
max_compatibility_score = 0.8
|
|
|
|
# Maximum number of violations allowed by severity
|
|
critical_violations_allowed = 0
|
|
high_violations_threshold = 3
|
|
medium_violations_threshold = 10
|
|
low_violations_threshold = 50
|
|
|
|
# File scanning configuration
|
|
scan_extensions = ["rs", "toml", "json", "yaml", "md"]
|
|
exclude_directories = [
|
|
"target",
|
|
"node_modules",
|
|
".git",
|
|
"dist",
|
|
"build"
|
|
]
|
|
|
|
# Performance limits for validation
|
|
max_files_to_scan = 10000
|
|
max_file_size_mb = 10
|
|
validation_timeout_seconds = 300
|
|
|
|
# =============================================================================
|
|
# FRAMEWORK FEATURES AND CAPABILITIES
|
|
# =============================================================================
|
|
|
|
[framework_capabilities]
|
|
# Core framework features that implementations can rely on
|
|
core_features = [
|
|
"layered_override_system",
|
|
"configuration_driven_routing",
|
|
"component_system",
|
|
"content_management",
|
|
"i18n_support",
|
|
"theme_system",
|
|
"hot_reload",
|
|
"build_optimization"
|
|
]
|
|
|
|
# Optional features that can be enabled/disabled
|
|
optional_features = [
|
|
"analytics",
|
|
"smart_build",
|
|
"debugging_tools",
|
|
"auth",
|
|
"content_db",
|
|
"email",
|
|
"tls",
|
|
"metrics"
|
|
]
|
|
|
|
# Experimental features (subject to change)
|
|
experimental_features = [
|
|
"advanced_routing",
|
|
"ui_components",
|
|
"navigation_testing",
|
|
"dev_dashboard",
|
|
"page_generator"
|
|
]
|
|
|
|
# =============================================================================
|
|
# SECURITY AND COMPLIANCE
|
|
# =============================================================================
|
|
|
|
[security]
|
|
# Security patterns that must not be violated
|
|
require_csrf_protection = true
|
|
require_input_validation = true
|
|
require_secure_headers = true
|
|
forbid_sql_injection_patterns = true
|
|
require_encrypted_sensitive_data = true
|
|
|
|
# Compliance requirements
|
|
audit_trail_required = true
|
|
security_headers_required = true
|
|
vulnerability_scanning_required = true
|
|
|
|
# =============================================================================
|
|
# QUALITY STANDARDS
|
|
# =============================================================================
|
|
|
|
[quality]
|
|
# Code quality requirements
|
|
min_test_coverage = 80.0
|
|
require_documentation = true
|
|
require_error_handling = true
|
|
forbid_deprecated_apis = true
|
|
require_semantic_versioning = true
|
|
|
|
# Performance requirements
|
|
max_build_time_seconds = 300
|
|
max_memory_usage_mb = 1024
|
|
min_lighthouse_score = 90
|
|
|
|
# Rust-specific quality standards
|
|
require_clippy_compliance = true
|
|
require_rustfmt_compliance = true
|
|
forbid_unsafe_without_justification = true
|
|
require_comprehensive_error_types = true
|
|
|
|
# =============================================================================
|
|
# REPORTING AND MONITORING
|
|
# =============================================================================
|
|
|
|
[reporting]
|
|
# Report formats supported
|
|
supported_formats = ["human", "json", "junit", "sarif"]
|
|
default_format = "human"
|
|
|
|
# Report detail levels
|
|
detail_levels = ["summary", "standard", "detailed", "comprehensive"]
|
|
default_detail_level = "standard"
|
|
|
|
# Monitoring and alerting
|
|
enable_continuous_monitoring = true
|
|
alert_on_critical_violations = true
|
|
track_compatibility_score_trends = true
|
|
|
|
# =============================================================================
|
|
# MIGRATION AND UPGRADE SUPPORT
|
|
# =============================================================================
|
|
|
|
[migration]
|
|
# Migration script locations
|
|
migration_scripts_path = "scripts/migration/"
|
|
backup_before_migration = true
|
|
validate_after_migration = true
|
|
|
|
# Rollback support
|
|
enable_automatic_rollback = true
|
|
rollback_on_validation_failure = true
|
|
keep_migration_backups_days = 30
|
|
|
|
# Migration assistance
|
|
provide_migration_guide = true
|
|
automatic_dependency_updates = true
|
|
automatic_config_migration = true
|
|
manual_review_required_for = [
|
|
"breaking_changes",
|
|
"security_updates",
|
|
"architectural_changes"
|
|
] |