fix: security and so on#5
Open
chuangyeshuo wants to merge 21 commits into
Open
Conversation
Fix formatting in README.md for build instructions
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Add SecurityPlugin trait with check_request and mask_response - Add PluginLoader for config-driven plugin loading - Add built-in plugins: NoOp, SensitiveDataDetector, DataClassifier - Add SecurityLayer middleware for Tower integration - Update config to support security plugins in MiddlewareConfig - Update AGENTS.md with plugin system documentation Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Fix imports in plugin/mod.rs and plugin/loader.rs - Fix string formatting in builtins.rs classify_request - Format all plugin files with rustfmt - Remove unused ArcSwap import from loader.rs Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Add Debug trait to SecurityPlugin - Add Default trait to SensitivityLevel - Fix toml::Value handling for plugin config - Remove Eq requirement from PluginConfig (toml::Value not Eq) - Simplify body extraction in middleware Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
… Eq) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Add Google::GenerateContents tuple variant and iter() method for strum::EnumIter - Create generate_contents.rs endpoint type for Google Gemini - Remove google from .gitignore (was blocking valid code) - Remove unused bytes::Bytes import from builtins.rs - Remove unused mut in security.rs Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Feature/add agents md 0515
fix: wire security plugins into runtime
1. Streaming body collection: Add MAX_SECURITY_BODY_SIZE (10MB) limit to prevent memory exhaustion. Large responses are truncated. 2. Virtual key trust: Remove direct x-virtual-key header reading. Now extracts from request extensions (auth context) only. 3. Provider extraction: Now tries request extensions first, then falls back to URL path parsing (with note about unreliability). 4. Config path: Support both global.security and unified_api.security. Global takes precedence, unified_api is fallback. 5. LICENSE: Changed from Apache-2.0 to GPL-3.0-or-later in Cargo.toml Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
fix: address security middleware critical issues
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fix: security and so on