{"id":35797643,"url":"https://github.com/usetero/policy-zig","last_synced_at":"2026-03-04T04:04:36.282Z","repository":{"id":330322461,"uuid":"1122409388","full_name":"usetero/policy-zig","owner":"usetero","description":"Zig library implementing the Policy specification.","archived":false,"fork":false,"pushed_at":"2026-03-02T21:28:33.000Z","size":295,"stargazers_count":1,"open_issues_count":3,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-03-02T23:44:57.167Z","etag":null,"topics":["observability","policy","telemetry","zig"],"latest_commit_sha":null,"homepage":"","language":"Zig","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/usetero.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-24T17:01:09.000Z","updated_at":"2026-03-02T21:24:23.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/usetero/policy-zig","commit_stats":null,"previous_names":["usetero/policy-zig"],"tags_count":18,"template":false,"template_full_name":null,"purl":"pkg:github/usetero/policy-zig","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usetero%2Fpolicy-zig","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usetero%2Fpolicy-zig/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usetero%2Fpolicy-zig/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usetero%2Fpolicy-zig/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/usetero","download_url":"https://codeload.github.com/usetero/policy-zig/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usetero%2Fpolicy-zig/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30071671,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-04T03:25:38.285Z","status":"ssl_error","status_checked_at":"2026-03-04T03:25:05.086Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["observability","policy","telemetry","zig"],"created_at":"2026-01-07T10:04:44.859Z","updated_at":"2026-03-04T04:04:36.266Z","avatar_url":"https://github.com/usetero.png","language":"Zig","funding_links":[],"categories":[],"sub_categories":[],"readme":"# policy-zig\n\nZig library for the [Tero](https://usetero.com) Policy spec. Provides policy\nloading, evaluation, and transformation for telemetry data (logs, metrics,\ntraces).\n\nExtracted from [usetero/edge](https://github.com/usetero/edge) as a standalone\nlibrary so it can be consumed independently.\n\n## Features\n\n- **Policy Engine** - Hyperscan-based pattern matching for efficient policy\n  evaluation against telemetry data\n- **Multiple Providers** - Load policies from file or HTTP sources with\n  priority-based conflict resolution\n- **Async Loading** - Non-blocking policy loading so services can start handling\n  requests immediately\n- **Transforms** - Apply log transformations (redact, remove, rename, add\n  fields) based on matched policies\n- **Sampling \u0026 Rate Limiting** - Built-in support for log/trace sampling and\n  rate limiting\n- **Lock-free Reads** - Atomic snapshot pointer for concurrent policy access\n  without locks\n\n## Requirements\n\n- [Zig](https://ziglang.org/) \u003e= 0.15.2\n- [Vectorscan](https://github.com/VectorCamp/vectorscan) (or Hyperscan) -\n  high-performance regex matching\n\n### Install Vectorscan\n\n**macOS:**\n\n```sh\nbrew install vectorscan pkg-config\n```\n\n**Debian/Ubuntu:**\n\n```sh\nsudo apt-get install -y libhyperscan-dev pkg-config\n```\n\n**RHEL/Fedora:**\n\n```sh\nsudo yum install -y hyperscan-devel pkg-config\n```\n\nOr run `task ci:setup` to install automatically.\n\n## Quick Start\n\n### Build\n\n```sh\nzig build\n```\n\n### Test\n\n```sh\nzig build test\n```\n\n### Using as a Dependency\n\nAdd to your `build.zig.zon`:\n\n```zig\n.dependencies = .{\n    .policy_zig = .{\n        .url = \"git+https://github.com/usetero/policy-zig#\u003ccommit\u003e\",\n        .hash = \"\u003chash\u003e\",\n    },\n},\n```\n\nThen in your `build.zig`:\n\n```zig\nconst policy_dep = b.dependency(\"policy_zig\", .{\n    .target = target,\n    .optimize = optimize,\n});\nyour_module.addImport(\"policy_zig\", policy_dep.module(\"policy_zig\"));\n```\n\n### Library Usage\n\n```zig\nconst policy = @import(\"policy_zig\");\n\n// Create a registry\nvar registry = policy.Registry.init(allocator, bus);\ndefer registry.deinit();\n\n// Create a file provider and subscribe it to the registry (one step)\nconst file_provider = try policy.FileProvider.init(allocator, bus, .{\n    .id = \"local\",\n    .path = \"policies.json\",\n});\ndefer file_provider.deinit();\n\ntry registry.subscribe(.{ .file = file_provider });\n\n// Periodically flush per-policy stats to providers\nregistry.flushStats();\n```\n\n## Architecture\n\n```\nsrc/\n  policy/\n    root.zig            # Public API - all exports\n    policy_engine.zig   # Hyperscan-based policy evaluation\n    matcher_index.zig   # Inverted index for pattern matching\n    registry.zig        # Policy registry with atomic snapshots\n    parser.zig          # Policy parsing\n    loader.zig          # Async policy loader\n    provider.zig        # Provider callback types\n    provider_file.zig   # File-based provider\n    provider_http.zig   # HTTP-based provider\n    source.zig          # Source types and metadata\n    types.zig           # Shared type definitions and Provider tagged union\n    log_transform.zig   # Log transformation (redact, remove, rename, add)\n    sampler.zig         # Log sampling\n    trace_sampler.zig   # Trace sampling\n    rate_limiter.zig    # Rate limiting\n    hyperscan.zig       # Vectorscan/Hyperscan C bindings\n  observability/        # Event bus, spans, formatters\n  proto/                # Generated protobuf definitions\n```\n\n### How Policy Evaluation Works\n\n1. Policies are compiled into Hyperscan databases indexed by matcher key\n2. At evaluation time, field values are scanned against the compiled databases\n3. Match counts are aggregated per policy using O(1) array operations\n4. The highest priority fully-matched policy determines the filter/transform\n   result\n\nThis gives O(k \\* n) performance where k = unique matcher keys and n = input\ntext length, independent of policy count.\n\n## Task Commands\n\nThis project uses [Task](https://taskfile.dev/) for common operations:\n\n| Command              | Description                                      |\n| -------------------- | ------------------------------------------------ |\n| `task`               | Build (debug)                                    |\n| `task test`          | Run all tests                                    |\n| `task build:release` | Build with ReleaseFast                           |\n| `task build:safe`    | Build with ReleaseSafe                           |\n| `task format`        | Format source files                              |\n| `task format:check`  | Check formatting                                 |\n| `task lint`          | Run linting checks                               |\n| `task clean`         | Clean build artifacts                            |\n| `task do`            | Run all pre-commit checks (format + lint + test) |\n| `task signoff`       | Full signoff (do + build:safe + gh signoff)      |\n| `task ci:setup`      | Install CI/dev dependencies                      |\n\n## License\n\nSee [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fusetero%2Fpolicy-zig","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fusetero%2Fpolicy-zig","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fusetero%2Fpolicy-zig/lists"}