Documentation
Overview
Package security manages trust decisions and persistence for repository config files.
Types
type TrustManager
type TrustManager struct {
// contains filtered or unexported fields
}
TrustManager stores trusted hashes and enforces TOFU (Trust On First Use).
func NewTrustManager
func NewTrustManager() *TrustManager
NewTrustManager creates and loads the persisted trust database.
func (*TrustManager) CheckTrust
func (tm *TrustManager) CheckTrust(filePath string) TrustStatus
CheckTrust validates the given file path against the trust database using TOFU (Trust On First Use). Returns TrustStatusTrusted if the file hash matches a previously trusted hash, TrustStatusUntrusted if the file is new or has changed, or TrustStatusNotFound if the file doesn't exist.
func (*TrustManager) TrustFile
func (tm *TrustManager) TrustFile(filePath string) error
TrustFile records the current hash of a file as trusted and persists it to disk. Once trusted, the file's commands will run automatically until the file content changes.
type TrustStatus
type TrustStatus int
TrustStatus represents the outcome of a trust check on a file.
const (
	// TrustStatusTrusted indicates the file matches a known hash.
	TrustStatusTrusted TrustStatus = iota
	// TrustStatusUntrusted means the file either changed or has not been trusted yet.
	TrustStatusUntrusted
	// TrustStatusNotFound is returned when the file does not exist.
	TrustStatusNotFound
)
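A sketch of the TOFU flow that CheckTrust and TrustFile are documented to provide, added here as an illustration and not the package's own code. The `tofuStore` type, its `check` and `trust` methods, the in-memory map and the choice of SHA-256 are assumptions, since the page does not state the hash algorithm or the storage format.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"os"
)

type Status int // mirrors the three documented TrustStatus outcomes
const (
	Trusted Status = iota
	Untrusted
	NotFound
)
type tofuStore map[string][32]byte // hypothetical trust DB: path -> pinned SHA-256

// check fails closed: only an exact match with the pinned digest is Trusted.
func (s tofuStore) check(path string) Status {
	data, err := os.ReadFile(path)
	if errors.Is(err, os.ErrNotExist) {
		return NotFound
	}
	if pinned, seen := s[path]; err == nil && seen && pinned == sha256.Sum256(data) {
		return Trusted
	}
	return Untrusted // never pinned, changed since pinning, or unreadable
}

// trust pins the file's current content: the explicit first-use approval.
func (s tofuStore) trust(path string) error {
	data, err := os.ReadFile(path)
	if err == nil {
		s[path] = sha256.Sum256(data)
	}
	return err
}

func main() { // walks one constructed config file through every outcome
	dir, _ := os.MkdirTemp("", "tofu")
	f, s := dir+"/repo.conf", tofuStore{}
	os.WriteFile(f, []byte("run: make test\n"), 0o600)
	fmt.Println(s.check(f)) // 1: Untrusted on first use
	s.trust(f)
	fmt.Println(s.check(f)) // 0: Trusted while content is unchanged
	os.WriteFile(f, []byte("run: make deploy\n"), 0o600)
	fmt.Println(s.check(f)) // 1: Untrusted again, content changed
	os.RemoveAll(dir)
	fmt.Println(s.check(f)) // 2: NotFound
}
```

A caller that acts on a Trusted result should execute the bytes it hashed rather than re-reading the file, otherwise the content can change between the check and the use.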