Documentation
Overview
Package ifc provides Information Flow Control labels for annotating MCP tool outputs. The actual IFC enforcement engine lives in a separate service; this package only defines the label schema used for annotations.
Index
- type Confidentiality
- type Integrity
- type SecurityLabel
- func LabelGetFileContents(isPrivate bool) SecurityLabel
- func LabelGetMe() SecurityLabel
- func LabelListIssues(isPrivate bool) SecurityLabel
- func LabelSearchIssues(repoVisibilities []bool) SecurityLabel
- func PrivateTrusted() SecurityLabel
- func PrivateUntrusted() SecurityLabel
- func PublicTrusted() SecurityLabel
- func PublicUntrusted() SecurityLabel
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Confidentiality
type Confidentiality string
const (
	ConfidentialityPublic  Confidentiality = "public"
	ConfidentialityPrivate Confidentiality = "private"
)
type SecurityLabel
type SecurityLabel struct {
Integrity Integrity `json:"integrity"`
Confidentiality Confidentiality `json:"confidentiality"`
}
func LabelGetFileContents (added in v1.0.5)
func LabelGetFileContents(isPrivate bool) SecurityLabel
LabelGetFileContents returns the IFC label for a get_file_contents result. Public repository file contents may be authored by anyone via pull requests and are therefore untrusted. In private repositories only collaborators can land changes, so contents are treated as trusted.
func LabelGetMe
func LabelGetMe() SecurityLabel
func LabelListIssues (added in v1.0.5)
func LabelListIssues(isPrivate bool) SecurityLabel
LabelListIssues returns the IFC label for a list_issues result. Public repositories are universally readable; private repositories are restricted to their collaborators (resolved client-side from the marker). Issue contents are attacker-controllable, so integrity is always untrusted.
func LabelSearchIssues (added in v1.0.5)
func LabelSearchIssues(repoVisibilities []bool) SecurityLabel
LabelSearchIssues returns the IFC label for a multi-repository search result, joining per-repository labels across all matched repositories. Used by both search_issues and search_repositories.
Integrity is always untrusted because results expose user-authored content.
Confidentiality follows the IFC meet (greatest lower bound): if any matched repository is private the joined label is private; otherwise public. The reader set is opaque (the "private" marker); the client engine resolves concrete readers on demand at egress decision time.
An empty result set is treated as public-untrusted (no repository data is leaked).
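The label rules documented above for LabelGetFileContents, LabelListIssues and LabelSearchIssues, worked through in a self-contained Go sketch. This is an added example, not the ifc package's own source: it assumes Integrity constants named IntegrityTrusted and IntegrityUntrusted with the values "trusted" and "untrusted" (the index lists the Integrity type but its definition is not shown on this page), and it adds two helpers the documented API does not expose, a general Join over arbitrary labels of which the search-result rule is the per-repository instance, and AnnotationJSON, which renders the label in the JSON form the struct tags define.

```go
package main

// Added example, not the ifc package's own source. Integrity constant names
// and values are assumed; Join and AnnotationJSON are illustrative helpers.

import (
	"encoding/json"
	"fmt"
)

type Confidentiality string

const (
	ConfidentialityPublic  Confidentiality = "public"
	ConfidentialityPrivate Confidentiality = "private"
)

// Integrity records whether content could have been authored by an attacker.
type Integrity string

const (
	IntegrityTrusted   Integrity = "trusted"   // assumed name and value
	IntegrityUntrusted Integrity = "untrusted" // assumed name and value
)

// SecurityLabel mirrors the documented struct and its JSON tags.
type SecurityLabel struct {
	Integrity       Integrity       `json:"integrity"`
	Confidentiality Confidentiality `json:"confidentiality"`
}

func PublicTrusted() SecurityLabel    { return SecurityLabel{IntegrityTrusted, ConfidentialityPublic} }
func PublicUntrusted() SecurityLabel  { return SecurityLabel{IntegrityUntrusted, ConfidentialityPublic} }
func PrivateTrusted() SecurityLabel   { return SecurityLabel{IntegrityTrusted, ConfidentialityPrivate} }
func PrivateUntrusted() SecurityLabel { return SecurityLabel{IntegrityUntrusted, ConfidentialityPrivate} }

// LabelGetFileContents: only collaborators can land changes in a private
// repository, so its contents are trusted; public contents may come from
// anyone's pull request and are untrusted.
func LabelGetFileContents(isPrivate bool) SecurityLabel {
	if isPrivate {
		return PrivateTrusted()
	}
	return PublicUntrusted()
}

// LabelListIssues: issue bodies are attacker-controllable whatever the
// visibility, so integrity is always untrusted; confidentiality follows
// repository visibility.
func LabelListIssues(isPrivate bool) SecurityLabel {
	if isPrivate {
		return PrivateUntrusted()
	}
	return PublicUntrusted()
}

// Join combines labels pessimistically: private if any input is private
// (the reader-set meet described above), untrusted if any input is
// untrusted. With no inputs it yields the identity element, public-trusted.
func Join(labels ...SecurityLabel) SecurityLabel {
	out := PublicTrusted()
	for _, l := range labels {
		if l.Confidentiality == ConfidentialityPrivate {
			out.Confidentiality = ConfidentialityPrivate
		}
		if l.Integrity == IntegrityUntrusted {
			out.Integrity = IntegrityUntrusted
		}
	}
	return out
}

// LabelSearchIssues joins the per-repository issue labels of every matched
// repository. An empty result set carries no repository data and is
// labelled public-untrusted explicitly, because Join of nothing would
// otherwise come out public-trusted.
func LabelSearchIssues(repoVisibilities []bool) SecurityLabel {
	if len(repoVisibilities) == 0 {
		return PublicUntrusted()
	}
	labels := make([]SecurityLabel, 0, len(repoVisibilities))
	for _, isPrivate := range repoVisibilities {
		labels = append(labels, LabelListIssues(isPrivate))
	}
	return Join(labels...)
}

// AnnotationJSON renders a label as it would be attached to a tool result.
func AnnotationJSON(l SecurityLabel) (string, error) {
	b, err := json.Marshal(l)
	if err != nil {
		return "", err
	}
	return string(b), nil
}

func main() {
	// Constructed sample: a search that matched two public repos and one private one.
	s, _ := AnnotationJSON(LabelSearchIssues([]bool{false, true, false}))
	fmt.Println(s) // {"integrity":"untrusted","confidentiality":"private"}
}
```

The explicit empty-set branch in LabelSearchIssues is the part worth noticing: a join written naively as a fold from the lattice identity would label an empty search public-trusted, which is not what the documentation specifies.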
func PrivateTrusted (added in v1.0.5)
func PrivateTrusted() SecurityLabel
PrivateTrusted returns a label for trusted data restricted to the readers of the originating repository. The reader set is opaque on the wire (a single "private" marker); the client engine resolves the concrete readers from the GitHub API on demand at egress decision time.
func PrivateUntrusted (added in v1.0.5)
func PrivateUntrusted() SecurityLabel
PrivateUntrusted returns a label for untrusted data restricted to the readers of the originating repository. See PrivateTrusted for the reader resolution model.
func PublicTrusted (added in v1.0.5)
func PublicTrusted() SecurityLabel
PublicTrusted returns a label for trusted, publicly readable data.
func PublicUntrusted (added in v1.0.5)
func PublicUntrusted() SecurityLabel
PublicUntrusted returns a label for untrusted, publicly readable data.