🏗️ fermata: redaction-first security model, unified .botsecrets config

Realign fermata around redaction (PostToolUse) as the primary security layer, with access control (PreToolUse) as supplementary write/bash protection. Remove botignore.toml — policy rules now live in .botsecrets [policy] section. Add fermata.toml as an alias for .botsecrets. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-26 01:10:07 +02:00
parent 77520819f6
commit 168aefd415
17 changed files with 571 additions and 423 deletions
@@ -1,47 +1,35 @@
-use dirigent_fermata::core::toml_config::{BotignoreToml, OpRules, BashRules};
+use dirigent_fermata::core::toml_config::{OpRules, BashRules};

 #[test]
-fn parses_full_config() {
+fn op_rules_deserialize() {
+    let src = r#"patterns = [".env*", "secrets/**"]"#;
+    let rules: OpRules = toml::from_str(src).unwrap();
+    assert_eq!(rules.patterns, vec![".env*", "secrets/**"]);
+}
+
+#[test]
+fn op_rules_default_is_empty() {
+    let rules = OpRules::default();
+    assert!(rules.patterns.is_empty());
+}
+
+#[test]
+fn bash_rules_deserialize() {
    let src = r#"
-[read]
-patterns = [".env*", "secrets/**"]
-
-[write]
-patterns = ["vendor/**", "*.lock"]
-
-[bash]
 deny = ["rm -rf /", "git push --force*"]
 ask = ["rm:*"]
 allow_prefixes = ["make test", "git checkout:*"]
 "#;
-    let cfg: BotignoreToml = toml::from_str(src).unwrap();
-    assert_eq!(cfg.read.unwrap().patterns, vec![".env*", "secrets/**"]);
-    assert_eq!(cfg.write.unwrap().patterns, vec!["vendor/**", "*.lock"]);
-    let bash = cfg.bash.unwrap();
-    assert_eq!(bash.deny, vec!["rm -rf /", "git push --force*"]);
-    assert_eq!(bash.ask, vec!["rm:*"]);
-    assert_eq!(bash.allow_prefixes, vec!["make test", "git checkout:*"]);
+    let rules: BashRules = toml::from_str(src).unwrap();
+    assert_eq!(rules.deny, vec!["rm -rf /", "git push --force*"]);
+    assert_eq!(rules.ask, vec!["rm:*"]);
+    assert_eq!(rules.allow_prefixes, vec!["make test", "git checkout:*"]);
 }

 #[test]
-fn empty_config_is_valid() {
-    let cfg: BotignoreToml = toml::from_str("").unwrap();
-    assert!(cfg.read.is_none());
-    assert!(cfg.write.is_none());
-    assert!(cfg.bash.is_none());
-}
-
-#[test]
-fn loads_from_disk_when_present() {
-    let tmp = tempfile::tempdir().unwrap();
-    std::fs::write(tmp.path().join("botignore.toml"), "[read]\npatterns = [\".env\"]\n").unwrap();
-    let cfg = BotignoreToml::load(tmp.path()).unwrap();
-    assert_eq!(cfg.read.unwrap().patterns, vec![".env"]);
-}
-
-#[test]
-fn loads_empty_when_missing() {
-    let tmp = tempfile::tempdir().unwrap();
-    let cfg = BotignoreToml::load(tmp.path()).unwrap();
-    assert!(cfg.read.is_none());
+fn bash_rules_default_is_empty() {
+    let rules = BashRules::default();
+    assert!(rules.deny.is_empty());
+    assert!(rules.ask.is_empty());
+    assert!(rules.allow_prefixes.is_empty());
 }