feat: migrate from Cedar to SpiceDB authorization system

This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.

Key changes:

- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization

This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.

Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.

1 files changed, 0 insertions, 133 deletions

diff --git a/vendor/bytes/Cargo.toml b/vendor/bytes/Cargo.toml
deleted file mode 100644
index cf4f9f49..00000000
--- a/vendor/bytes/Cargo.toml
+++ /dev/null
@@ -1,133 +0,0 @@
-# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
-#
-# When uploading crates to the registry Cargo will automatically
-# "normalize" Cargo.toml files for maximal compatibility
-# with all versions of Cargo and also rewrite `path` dependencies
-# to registry (e.g., crates.io) dependencies.
-#
-# If you are reading this file be aware that the original Cargo.toml
-# will likely look very different (and much more reasonable).
-# See Cargo.toml.orig for the original contents.
-
-[package]
-edition = "2018"
-rust-version = "1.39"
-name = "bytes"
-version = "1.10.1"
-authors = [
-    "Carl Lerche <me@carllerche.com>",
-    "Sean McArthur <sean@seanmonstar.com>",
-]
-build = false
-autolib = false
-autobins = false
-autoexamples = false
-autotests = false
-autobenches = false
-description = "Types and traits for working with bytes"
-readme = "README.md"
-keywords = [
-    "buffers",
-    "zero-copy",
-    "io",
-]
-categories = [
-    "network-programming",
-    "data-structures",
-]
-license = "MIT"
-repository = "https://github.com/tokio-rs/bytes"
-
-[package.metadata.docs.rs]
-rustdoc-args = [
-    "--cfg",
-    "docsrs",
-]
-
-[features]
-default = ["std"]
-std = []
-
-[lib]
-name = "bytes"
-path = "src/lib.rs"
-
-[[test]]
-name = "test_buf"
-path = "tests/test_buf.rs"
-
-[[test]]
-name = "test_buf_mut"
-path = "tests/test_buf_mut.rs"
-
-[[test]]
-name = "test_bytes"
-path = "tests/test_bytes.rs"
-
-[[test]]
-name = "test_bytes_odd_alloc"
-path = "tests/test_bytes_odd_alloc.rs"
-
-[[test]]
-name = "test_bytes_vec_alloc"
-path = "tests/test_bytes_vec_alloc.rs"
-
-[[test]]
-name = "test_chain"
-path = "tests/test_chain.rs"
-
-[[test]]
-name = "test_debug"
-path = "tests/test_debug.rs"
-
-[[test]]
-name = "test_iter"
-path = "tests/test_iter.rs"
-
-[[test]]
-name = "test_reader"
-path = "tests/test_reader.rs"
-
-[[test]]
-name = "test_serde"
-path = "tests/test_serde.rs"
-
-[[test]]
-name = "test_take"
-path = "tests/test_take.rs"
-
-[[bench]]
-name = "buf"
-path = "benches/buf.rs"
-
-[[bench]]
-name = "bytes"
-path = "benches/bytes.rs"
-
-[[bench]]
-name = "bytes_mut"
-path = "benches/bytes_mut.rs"
-
-[dependencies.extra-platforms]
-version = "1.3"
-features = ["require-cas"]
-optional = true
-default-features = false
-package = "portable-atomic"
-
-[dependencies.serde]
-version = "1.0.60"
-features = ["alloc"]
-optional = true
-default-features = false
-
-[dev-dependencies.serde_test]
-version = "1.0"
-
-[target."cfg(loom)".dev-dependencies.loom]
-version = "0.7"
-
-[lints.rust.unexpected_cfgs]
-level = "warn"
-priority = 0
-check-cfg = ["cfg(loom)"]