From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 15 Jul 2025 16:37:08 -0600 Subject: feat: migrate from Cedar to SpiceDB authorization system This is a major architectural change that replaces the Cedar policy-based authorization system with SpiceDB's relation-based authorization. Key changes: - Migrate from Rust to Go implementation - Replace Cedar policies with SpiceDB schema and relationships - Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks - Update build system and dependencies for Go ecosystem - Maintain Envoy integration for external authorization This change enables more flexible permission modeling through SpiceDB's Google Zanzibar inspired relation-based system, supporting complex hierarchical permissions that were difficult to express in Cedar. Breaking change: Existing Cedar policies and Rust-based configuration will no longer work and need to be migrated to SpiceDB schema. --- vendor/tinyvec/README.md | 34 ---------------------------------- 1 file changed, 34 deletions(-) delete mode 100644 vendor/tinyvec/README.md (limited to 'vendor/tinyvec/README.md') diff --git a/vendor/tinyvec/README.md b/vendor/tinyvec/README.md deleted file mode 100644 index 740959e2..00000000 --- a/vendor/tinyvec/README.md +++ /dev/null @@ -1,34 +0,0 @@ -[![License:Zlib](https://img.shields.io/badge/License-Zlib-brightgreen.svg)](https://opensource.org/licenses/Zlib) -![Minimum Rust Version](https://img.shields.io/badge/Min%20Rust-1.47-green.svg) -[![crates.io](https://img.shields.io/crates/v/tinyvec.svg)](https://crates.io/crates/tinyvec) -[![docs.rs](https://docs.rs/tinyvec/badge.svg)](https://docs.rs/tinyvec/) - -![Unsafe-Zero-Percent](https://img.shields.io/badge/Unsafety-0%25-brightgreen.svg) - -# tinyvec - -A 100% safe crate of vec-like types. -Not just safe at the public API boundary, fully safe for all internal code too: `#![forbid(unsafe_code)]` - -The provided types are as follows: -* `ArrayVec` is an array-backed vec-like data structure. It panics on overflow. -* `SliceVec` is similar, but using a `&mut [T]` as the data backing. -* `TinyVec` (`alloc` feature) is an enum that's either an `Inline(ArrayVec)` or a `Heap(Vec)`. - If a `TinyVec` is `Inline` and would overflow its array it automatically transitions to `Heap` and continues whatever it was doing. - -To attain this "100% safe code" status there is one compromise: the element type of the vecs must implement `Default`. - -For more API details, please see [the docs.rs documentation](https://docs.rs/tinyvec/) - -## `tinyvec` Alternatives? - -Maybe you don't want to use `tinyvec`, there's other crates you might use instead! - -* [arrayvec](https://docs.rs/arrayvec) is a crate with array-backed structures. -* [smallvec](https://docs.rs/smallvec) is a crate where the array-backed data can be moved to the heap on overflow. - -The main difference is that both of those crates use `unsafe` code. -This mostly allows them to get rid of the `Default` limitation for elements that `tinyvec` imposes. -The `smallvec` and `arrayvec` crates are generally correct, but there's been occasional bugs leading to UB. -With `tinyvec`, any uncaught bugs *can't* lead to UB, because the crate is safe code all the way through. -If you want that absolute level of assurance against UB, use `tinyvec`. -- cgit v1.2.3