tking/fastapi-gsap
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
fastapi-gsap/.venv/lib/python3.12/site-packages/pygments/lexers/verifpal.py
Tyler J King e744336385 fix: capability enforcement, credential safety, atomic delegations, input validation 
C-6: ConnectorRuntime enforces capability_mask per operation.
     READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
     before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.

H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
     returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.

Signed-off-by: Tyler King <tking@guildhouse.dev>
2026-04-14 08:13:27 -04:00

65 lines
2.6 KiB
Python
Raw Blame History

"""
pygments.lexers.verifpal
~~~~~~~~~~~~~~~~~~~~~~~~
Lexers for Verifpal languages.
:copyright: Copyright 2006-present by the Pygments team, see AUTHORS.
:license: BSD, see LICENSE for details.
"""
from pygments.lexer import RegexLexer, words, bygroups, default
from pygments.token import Comment, Keyword, Name, String, Punctuation, \
Whitespace
__all__ = ['VerifpalLexer']
class VerifpalLexer(RegexLexer):
"""
For Verifpal code.
"""
name = 'Verifpal'
aliases = ['verifpal']
filenames = ['*.vp']
mimetypes = ['text/x-verifpal']
url = 'https://verifpal.com'
version_added = '2.16'
tokens = {
'root': [
(r'//.*$', Comment.Single),
(r'(principal)( +)(\w+)( *)(\[)(.*)$', bygroups(Name.Builtin, Whitespace, String, Whitespace, Punctuation, Whitespace)),
(r'(attacker)( *)(\[)( *)(passive|active)( *)(\])( *)$', bygroups(Name.Builtin, Whitespace, Punctuation, Whitespace, String, Whitespace, Punctuation, Whitespace)),
(r'(knows)( +)(private|public)( +)', bygroups(Name.Builtin, Whitespace, Keyword.Constant, Whitespace), 'shared'),
(r'(queries)( +)(\[)', bygroups(Name.Builtin, Whitespace, Punctuation), 'queries'),
(r'(\w+)( +)(->|→)( *)(\w+)( *)(\:)', bygroups(String, Whitespace, Punctuation, Whitespace, String, Whitespace, Punctuation), 'shared'),
(words(('generates', 'leaks'), suffix=r'\b'), Name.Builtin, 'shared'),
(words(( 'phase', 'precondition',), suffix=r'\b'), Name.Builtin),
(r'[\[\(\)\]\?:=→^,]', Punctuation),
(r'->', Punctuation),
(words(('password',), suffix=r'\b'), Keyword.Constant),
(words(('AEAD_DEC', 'AEAD_ENC', 'ASSERT', 'BLIND', 'CONCAT',
'DEC', 'ENC', 'G', 'HASH', 'HKDF', 'MAC', 'PKE_DEC',
'PKE_ENC', 'PW_HASH', 'RINGSIGN', 'RINGSIGNVERIF',
'SHAMIR_JOIN', 'SHAMIR_SPLIT', 'SIGN', 'SIGNVERIF',
'SPLIT', 'UNBLIND', '_', 'nil'), suffix=r'\b'),
Name.Function),
(r'\s+', Whitespace),
(r'\w+', Name.Variable),
],
'shared': [
(r'[\^\[\],]', Punctuation),
(r' +', Whitespace),
(r'\w+', Name.Variable),
default('#pop')
],
'queries': [
(r'\s+', Name.Variable),
(words(('confidentiality?', 'authentication?', 'freshness?',
'unlinkability?', 'equivalence?'), suffix='( )'),
bygroups(Keyword.Pseudo, Whitespace), 'shared'),
default('#pop')
]
}
Reference in a new issue View git blame Copy permalink