Host-owned trust boundary for runtime-authored workflow guardrails.
Runtime-authored specs reference stable guardrail keys under step
opts[:guardrails]. Host applications own the registry that maps those keys
to validator modules before drafts are published, previewed, or executed.
Summary
Functions
Projects host-owned guardrails into editor-safe catalog metadata.
Types
@type catalog_error() :: Squidie.Workflow.Spec.validation_error()
@type decision() :: Squidie.Workflow.GuardrailRegistry.Decision.t()
@type guardrail_ref() :: %{ key: guardrail_key(), placement: placement(), policy: policy(), config: map() }
@type guardrail_validation_error() ::
:missing_guardrail_key
| :invalid_guardrail_key
| :unknown_guardrail_key
| :disabled_guardrail_key
| :incompatible_guardrail_module
@type placement() :: :input | :action | :output
@type policy() :: :block_publish | :block_run_start | :route_error | :audit
@type registry() :: %{optional(guardrail_key()) => registry_entry()} | keyword(registry_entry())
@type validation_error() :: Squidie.Workflow.Spec.validation_error()
Functions
@spec catalog(term()) :: {:ok, [catalog_entry()]} | {:error, {:invalid_guardrail_catalog, [catalog_error()]}}
Projects host-owned guardrails into editor-safe catalog metadata.