From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 15 Jul 2025 16:37:08 -0600 Subject: feat: migrate from Cedar to SpiceDB authorization system This is a major architectural change that replaces the Cedar policy-based authorization system with SpiceDB's relation-based authorization. Key changes: - Migrate from Rust to Go implementation - Replace Cedar policies with SpiceDB schema and relationships - Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks - Update build system and dependencies for Go ecosystem - Maintain Envoy integration for external authorization This change enables more flexible permission modeling through SpiceDB's Google Zanzibar inspired relation-based system, supporting complex hierarchical permissions that were difficult to express in Cedar. Breaking change: Existing Cedar policies and Rust-based configuration will no longer work and need to be migrated to SpiceDB schema. --- vendor/winapi-util/src/lib.rs | 35 ----------------------------------- 1 file changed, 35 deletions(-) delete mode 100644 vendor/winapi-util/src/lib.rs (limited to 'vendor/winapi-util/src/lib.rs') diff --git a/vendor/winapi-util/src/lib.rs b/vendor/winapi-util/src/lib.rs deleted file mode 100644 index ea9d4eab..00000000 --- a/vendor/winapi-util/src/lib.rs +++ /dev/null @@ -1,35 +0,0 @@ -/*! -This crate provides a smattering of safe routines for parts of windows-sys. The -primary purpose of this crate is to serve as a dumping ground for various -utility functions that make interactions with windows-sys safe. This permits the -centralization of `unsafe` when dealing with Windows APIs, and thus makes it -easier to audit. - -A key abstraction in this crate is the combination of the -[`Handle`](struct.Handle.html) -and -[`HandleRef`](struct.HandleRef.html) -types. Both represent a valid Windows handle to an I/O-like object, where -`Handle` is owned (the resource is closed when the handle is dropped) and -`HandleRef` is borrowed (the resource is not closed when the handle is -dropped). Many of the routines in this crate work on handles and accept -anything that can be safely converted into a `HandleRef`. This includes -standard library types such as `File`, `Stdin`, `Stdout` and `Stderr`. - -Note that this crate is completely empty on non-Windows platforms. -*/ - -#[cfg(windows)] -pub use win::*; - -/// Safe routines for dealing with the Windows console. -#[cfg(windows)] -pub mod console; -/// Safe routines for dealing with files and handles on Windows. -#[cfg(windows)] -pub mod file; -#[cfg(windows)] -/// Safe routines for querying various Windows specific properties. -pub mod sysinfo; -#[cfg(windows)] -mod win; -- cgit v1.2.3