All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Minimal Versions CI Compatibility: Updated minimum dependency versions to ensure compatibility with
cargo minimal-versionstesting on Rust nightlyhashbrown≥ 0.14.5 (fixes ahash stdsimd feature issue with modern nightly Rust)lazy_static≥ 1.3.0 (fixes macro export issues with sharded-slab)anyhow≥ 1.0.40 (fixes backtrace trait compatibility)thiserror≥ 1.0.20 (ensures full #[from] attribute support)chrono≥ 0.4.20 (ensures DateTime::default() implementation)tracing-subscriber≥ 0.3.18 (uses compatible sharded-slab version)
0.1.0 - 2024-08-16
🎉 Initial release of Rust Guardian - Production-ready dynamic code quality enforcement
Rust Guardian delivers enterprise-grade code quality validation with clean architecture, blazing performance, and comprehensive integration capabilities. Built with Domain-Driven Design principles and optimized for autonomous agent workflows, CI/CD pipelines, and development teams.
- Pattern-Based Analysis: Advanced detection of placeholder code, TODOs, unimplemented macros, and incomplete implementations
- Architectural Compliance: Validates module boundaries, bounded context integrity, and design principles
- Multi-Pattern Engine: Supports regex patterns, AST analysis, and semantic code understanding
- Severity Management: Configurable error/warning/info levels with blocking violation control
- Comprehensive Commands:
check,watch,validate-config,rules,explain,cacheoperations - Multiple Output Formats: Human-readable, JSON, JUnit XML, SARIF, GitHub Actions, Agent-friendly
- Advanced Filtering: Severity-based filtering, max violations, exclude patterns, .guardianignore support
- Performance Options: Parallel processing control, intelligent caching, fail-fast modes
- CI/CD Ready: Native support for GitHub Actions, GitLab CI, Jenkins with structured output formats
- Pre-commit Hooks: Seamless integration with git pre-commit workflows
- Agent Automation: Specialized API for autonomous development agents and programmatic validation
- Watch Mode: Real-time validation with debounced file watching for development workflows
- Domain Layer: Rich violation models with behavior, not just data structures
- Application Layer: High-level validation orchestration and workflow management
- Infrastructure Layer: File system, caching, parsing, and external integrations
- Clear Boundaries: Strict separation between business logic and infrastructure concerns
- Parallel Processing: Multi-threaded analysis using Rayon for optimal CPU utilization
- Intelligent Caching: Hash-based file change detection with configurable cache strategies
- Memory Efficient: Streaming file processing, bounded memory usage, optimized allocations
- Fast Startup: Embedded patterns, minimal dependencies, quick initialization
- YAML Configuration: Flexible, hierarchical configuration with environment override support
- Path Pattern System: Gitignore-style patterns with include/exclude precedence rules
- Custom Patterns: Extensible rule engine for project-specific validation requirements
- Hot Reloading: Dynamic configuration updates in watch mode without restart
todo_comments: TODO, FIXME, HACK, XXX, BUG, REFACTOR markerstemporary_markers: "for now", "placeholder", "stub", "dummy" indicatorsunimplemented_macros: unimplemented!(), todo!(), panic!(), unreachable!() callsempty_ok_return: Functions returning Ok(()) without meaningful implementation
boundary_violations: Module import boundary enforcementhardcoded_paths: Detection of hardcoded file paths requiring configurationdomain_compliance: Domain-driven design principle validation
test_coverage: Identification of untested public functionscomplexity_analysis: Function length and nesting depth validationmagic_numbers: Hardcoded numeric literals requiring named constants
# Comprehensive project analysis
rust-guardian check --format json --severity error --cache
# CI/CD integration
rust-guardian check --format github --fail-fast --max-violations 0
# Development workflow
rust-guardian watch src/ --debounce 300
# Agent automation
rust-guardian check --format agent --severity warning- Color-coded terminal output with context lines
- File grouping and violation summaries
- Performance metrics and execution timing
- Simplified
[line:file]format for autonomous processing - Minimal noise, maximum actionability
- Optimized for programmatic consumption
- Complete structured data with metadata
- Violation details, severity classification, execution metrics
- Perfect for tooling integration and analysis
- JUnit XML: Test result integration for build pipelines
- SARIF: Security tool compatibility and vulnerability tracking
- GitHub Actions: Native GitHub workflow integration with annotations
Benchmarks (Medium Rust project: 5,000 files, 500k LOC):
- Cold Run: ~1.2 seconds (full analysis)
- Warm Run: ~0.2 seconds (with caching)
- Memory Usage: ~100MB peak
- Parallel Efficiency: 80%+ CPU utilization on multi-core systems
use rust_guardian::validate_files;
let report = validate_files(vec!["src/main.rs"]).await?;
if report.has_errors() {
eprintln!("Quality violations found!");
}use rust_guardian::{GuardianValidator, ValidationOptions, AnalysisOptions};
let mut validator = GuardianValidator::new()?
.with_cache("/tmp/guardian.cache")?;
let options = ValidationOptions {
analysis_options: AnalysisOptions {
parallel: true,
fail_fast: false,
..Default::default()
},
..Default::default()
};
let report = validator.validate_with_options(paths, &options).await?;use rust_guardian::agent;
// Pre-commit validation
agent::pre_commit_check(modified_files).await?;
// Development checks
let report = agent::development_check(files).await?;
// Production validation
agent::production_check(files).await?;- Pre-commit Validation: Blocks commits with quality violations
- Development Mode: Lenient checking for iterative development
- Production Mode: Strict validation for deployment readiness
- Async API: Non-blocking validation for responsive agent workflows
- Structured Errors: Rich error context for automated decision making
version: "1.0"
paths:
patterns:
- "target/" # Exclude build artifacts
- "**/*.md" # Exclude documentation
- "!README.md" # But include README
- "!src/**/*.rs" # Always check source code
patterns:
placeholders:
severity: error
enabled: true
rules:
- id: todo_comments
pattern: '\b(TODO|FIXME)\b'
message: "Placeholder comment: {match}"version: "1.0"
paths:
patterns:
- "legacy/**" # Exclude legacy code
- "!legacy/auth/" # Except auth refactor
- "**/*.generated.rs" # Exclude generated
- "src/core/**" # Always check core
patterns:
placeholders:
severity: error
enabled: true
architectural_violations:
severity: warning
enabled: true
custom_rules:
severity: error
enabled: true
rules:
- id: deprecated_api
pattern: 'old_api\('
message: "Use new_api() instead"Real-time validation during development:
- File System Monitoring: Efficient file watching with native OS integration
- Debounced Updates: Intelligent batching of rapid file changes
- Incremental Analysis: Only reanalyzes changed files for optimal performance
- Hot Configuration: Reloads patterns and rules without restart
- Focused Output: Clear indication of what changed and needs attention
- Hash-Based Invalidation: SHA-256 content hashing for accurate change detection
- Configuration Fingerprinting: Cache invalidation on configuration changes
- Selective Analysis: Skip unchanged files while maintaining accuracy
- Cache Management: Built-in cleanup, statistics, and maintenance commands
- Configurable Storage: Custom cache location and retention policies
# Validate configuration syntax
rust-guardian validate-config guardian.yaml
# List all available rules
rust-guardian rules --enabled-only
# Explain specific rule behavior
rust-guardian explain todo_comments# View cache performance
rust-guardian cache stats
# Clean stale entries
rust-guardian cache cleanup
# Reset cache completely
rust-guardian cache clearplaceholders: TODO comments, temporary markers, unimplemented macrosincomplete_implementations: Empty returns, minimal functions, stub methodsarchitectural_violations: Boundary violations, hardcoded paths, design compliancetesting_requirements: Coverage validation, test quality standardsquality_issues: Complexity analysis, magic numbers, code smells
- Error: Blocks commits, fails CI/CD builds, prevents deployment
- Warning: Informational feedback, doesn't fail by default
- Info: Suggestions and documentation, purely advisory
# Install from crates.io
cargo install rust-guardian
# Add as dependency
cargo add rust-guardian
# GitHub releases with precompiled binaries
# Docker images for containerized environments
# Package manager support (Homebrew, Chocolatey)- Memory Safety: 100% safe Rust with comprehensive error handling
- Input Validation: Robust parsing with malformed file protection
- Resource Limits: Configurable timeouts and memory boundaries
- Error Recovery: Graceful handling of filesystem errors and permission issues
- Deterministic Output: Consistent results across environments and platforms
- Zero Placeholders: Dogfooding - Guardian validates its own codebase
- Comprehensive Tests: Unit, integration, and performance test coverage
- Documentation: Complete API documentation with examples
- Benchmarks: Performance regression testing with criterion
- CI/CD Validation: Automated quality gates and compatibility testing