diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-15 16:37:08 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-17 16:30:22 -0600 |
| commit | 45df4d0d9b577fecee798d672695fe24ff57fb1b (patch) | |
| tree | 1b99bf645035b58e0d6db08c7a83521f41f7a75b /vendor/security-framework-sys/src/lib.rs | |
| parent | f94f79608393d4ab127db63cc41668445ef6b243 (diff) | |
feat: migrate from Cedar to SpiceDB authorization system
This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.
Key changes:
- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization
This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.
Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
Diffstat (limited to 'vendor/security-framework-sys/src/lib.rs')
| -rw-r--r-- | vendor/security-framework-sys/src/lib.rs | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/vendor/security-framework-sys/src/lib.rs b/vendor/security-framework-sys/src/lib.rs deleted file mode 100644 index f4be4d75..00000000 --- a/vendor/security-framework-sys/src/lib.rs +++ /dev/null @@ -1,41 +0,0 @@ -#![allow(bad_style)] - -#[cfg_attr( - any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"), - link(name = "Security", kind = "framework") -)] -extern "C" {} - -#[cfg(target_os = "macos")] -pub mod access; -pub mod access_control; -#[cfg(target_os = "macos")] -pub mod authorization; -pub mod base; -#[cfg(any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] -pub mod certificate; -#[cfg(target_os = "macos")] -pub mod certificate_oids; -pub mod cipher_suite; -#[cfg(target_os = "macos")] -pub mod cms; -#[cfg(target_os = "macos")] -pub mod code_signing; -#[cfg(target_os = "macos")] -pub mod digest_transform; -#[cfg(target_os = "macos")] -pub mod encrypt_transform; -pub mod identity; -pub mod import_export; -pub mod item; -pub mod key; -pub mod keychain; -pub mod keychain_item; -pub mod policy; -pub mod random; -pub mod secure_transport; -#[cfg(target_os = "macos")] -pub mod transform; -pub mod trust; -#[cfg(target_os = "macos")] -pub mod trust_settings; |