Cerbi.Governance.Core 2.0.20

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package Cerbi.Governance.Core --version 2.0.20
                    


                    

                
NuGet\Install-Package Cerbi.Governance.Core -Version 2.0.20
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Cerbi.Governance.Core" Version="2.0.20" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Cerbi.Governance.Core" Version="2.0.20" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Cerbi.Governance.Core" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Cerbi.Governance.Core --version 2.0.20
                    


                    

                
#r "nuget: Cerbi.Governance.Core, 2.0.20"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Cerbi.Governance.Core@2.0.20
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Cerbi.Governance.Core&version=2.0.20
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Cerbi.Governance.Core&version=2.0.20
                    


                            Install as a Cake Tool

Cerbi.Governance.Core

Lightweight shared governance contracts for runtime validation, analyzer enforcement, redaction rules, scoring metadata, and structured logging governance across the CerbiSuite ecosystem.

Cerbi.Governance.Core provides the canonical models, JSON schema, profile versioning, scoring weights, and plugin contracts used by:

  • CerbiStream (logging + runtime enforcement)
  • Cerbi.GovernanceAnalyzer (compile-time enforcement via Roslyn)
  • Cerbi.Governance.Runtime (real-time validator)
  • CerbiShield Dashboard (governance creation, deploy, and reporting)
  • CerbIQ & CerbiSense (downstream scoring, routing, ML)

It is intentionally small, dependency-light, cross-compatible, and safe to reference from analyzers, runtime services, plugins, and distributed .NET apps.

Why This Exists

Traditional .NET loggers — Serilog, NLog, Log4Net, MEL, OpenTelemetry Logging, Seq, Loki, etc. — provide excellent observability, but none enforce governance:

  • They cannot block or tag forbidden fields (SSN, CreditCardNumber, Email).
  • They cannot prove compliance for GDPR/HIPAA/SOC2.
  • They cannot redline violations at compile-time.
  • They cannot guarantee profile consistency across teams and microservices.
  • They cannot apply weighted scoring for violation impact.

Cerbi.Governance.Core solves this by defining a shared governance contract for redaction, required fields, forbidden fields, tagging, encryption rules, rule severity, and optional scoring weights — used everywhere from analyzers to runtime services.

Think of it as the “governance schema & rule engine spine” of the Cerbi ecosystem.

Key Features

  • Canonical governance model

    • CerbiGovernance, LogProfile, FieldRules, EncryptionSettings, ScoringSettings, and typed enums.

  • Governance JSON Schema Versioned, strict schema for rule sets, under Schema/.

  • Optional scoring metadata

    • scoring.enabled
    • scoring.weightsBySeverity (Info/Warn/Error → number)
    • scoring.pluginWeights (ruleId → number)
    • scoring.version (semver for scoring model)

  • Sample profiles Ready-to-use examples under Samples/.

  • Runtime validator contracts

    • IGovernanceValidator
    • GovernanceValidator (lightweight real-time validator)

  • Plugin support Extend governance using ICustomGovernancePlugin (e.g., TeamIdPlugin).

  • GovernanceConfigLoader Safe config loader with:

    • case-insensitive parsing
    • minimal allocations
    • injectable logging (GovernanceConfigLoader.Log)
    • graceful error handling

  • Analyzer-safe Library is safe to load inside Roslyn analyzers (no heavyweight dependencies).

  • Versioned profile support Enables future schema evolution without breaking deployed apps.

  • Zero external dependencies Dependency-light and analyzer-friendly.

Where This Fits in CerbiSuite

CerbiShield Dashboard (rule creation, versioning, deploy)
               │
               ▼
Cerbi.Governance.Core  <— shared models, schema, plugin contracts
               │
 ┌─────────────┼─────────────────────────────┐
 │             │                             │
 ▼             ▼                             ▼
Cerbi.GovernanceAnalyzer   Cerbi.Governance.Runtime   CerbiStream (logging)
(compile-time rules)       (runtime validation)        (logging + tagging)

Downstream:

  • CerbIQ → routing, metadata aggregation, violation scoring
  • CerbiSense → ML analysis, anomaly detection, trend forecasting

How It Compares (SEO-friendly)

This library does not replace existing loggers or collectors.

Instead, it adds governance where they cannot:

Ecosystem Strengths Missing Cerbi.Governance.Core Provides
Serilog Flexible sinks No governance or PII enforcement Required/Forbidden fields, redaction, rule validation
NLog High-throughput No compile-time rules Consistent profile enforcement
Log4Net Legacy support No structured governance Modern schema-based rules
MEL Framework-native No governance Runtime validation contract
OpenTelemetry Collector / OTLP Distributed traces/logs No app-level log governance Pre-filter & enforce before logs leave the app
Grafana Loki / Promtail / Alloy Centralized storage No PII protection Local redaction & violation tagging
Fluentd / FluentBit Flexible routing No governance Pre-ingestion validation
Seq Great search UI No governance Rule enforcement before shipping logs
Elastic / OpenSearch / Graylog / VictoriaLogs Indexing Cannot prevent sensitive logs Enforced governance upstream

Cerbi adds governance on top of whichever logger or collector you already use.

Installation

dotnet add package Cerbi.Governance.Core

Point your project to its governance JSON file:

using Cerbi.Governance;

[assembly: CerbiGovernanceConfig("cerbi_governance.json")]

This supports analyzers, runtime validators, and profile discovery.

Quickstart: Runtime Validation

using Cerbi.Governance.Core.Validation;
using System.Text.Json;

// 1. Load your governance profile (you control this)
var profile = /* parse using GovernanceConfigLoader or your own logic */;

// 2. Sample log payload
string payload = @"{ ""Email"": ""john.doe@example.com"", ""Amount"": 250 }";
var json = JsonDocument.Parse(payload);

// 3. Validate
var validator = new GovernanceValidator();
var result = validator.Validate(profile, json.RootElement);

if (result.Violations.Any())
{
    Console.WriteLine("Governance violations detected:");
    foreach (var v in result.Violations)
        Console.WriteLine($" - {v.Message}");
}

Quickstart: Using GovernanceConfigLoader

GovernanceConfigLoader.Log = s => logger.LogInformation(s);

var loader = new GovernanceConfigLoader("cerbi_governance.json");
var config = loader.Load();

Console.WriteLine($"Loaded {config.Profiles.Count} profiles.");

Safe-by-default:

  • Gracefully handles missing files
  • Gracefully handles parse failures
  • Converts JSON case-insensitively
  • Does not throw by default

Example Governance Profile (with scoring)

{
  "name": "payments-default",
  "appName": "PaymentsService",
  "version": "1.2.0",
  "status": "Published",
  "metadata": {
    "description": "Default governance for payment logs",
    "owner": "payments-team",
    "createdAt": "2024-11-01T10:00:00Z"
  },
  "requiredFields": [ "operation", "appName" ],
  "disallowedFields": [ "ssn", "creditCardNumber" ],
  "fieldSeverities": {
    "customerId": "Error",
    "region": "Warn"
  },
  "scoring": {
    "enabled": true,
    "weightsBySeverity": {
      "Info": 0.5,
      "Warn": 1.0,
      "Error": 5.0
    },
    "pluginWeights": {
      "CERBI_TEAM_ID": 2.0
    },
    "version": "1.0.0"
  }
}

Re-Baseline: Build, Test, Validate

1. Verify SDK

dotnet --info

2. Build and Test

dotnet restore
dotnet build -c Release
dotnet test -c Release

3. Optional Benchmarks

scripts/bench.sh   # Linux/macOS
scripts/bench.ps1  # Windows

Contributing

  • dotnet test to run tests
  • All warnings treated as errors in CI
  • Roslyn-analyzer safe — keep dependencies minimal
  • PRs welcome

Roadmap

  • Additional unit test coverage (helpers, plugins)
  • More sample governance profiles
  • Fully unify System.Text.Json usage
  • Optional structured logger for config loader
  • Future versioned schema evolution
  • Expanded scoring strategies (per-field impact, decay models)

License

MIT — see LICENSE.

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (6)

Showing the top 5 NuGet packages that depend on Cerbi.Governance.Core:

Package Downloads
CerbiStream

CerbiStream.Logging - Secure, Scalable, and Standardized Logging for Modern Applications.
CerbiStream.GovernanceAnalyzer

Roslyn analyzer to enforce structured logging governance for CerbiStream apps. Ensures consistency, traceability, and compliance with score shipping support.
Cerbi.MEL.Governance

Real-time governance enforcement for Microsoft.Extensions.Logging (MEL) using the Cerbi validation engine.
Cerbi.Governance.Runtime

Real-time governance enforcement for CerbiStream and other structured loggers.
Cerbi.Serilog.GovernanceAnalyzer

Serilog governance analyzer plugin: runtime validation, filtering, enrichment, live reload, correlation, relaxed diagnostics, and high-throughput score shipping with ArrayPool optimizations. Supports .NET 8.0+ and .NET 10.0.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
2.0.22 153 3/1/2026
2.0.20 88 2/26/2026
1.0.16 113 2/23/2026
1.0.15 948 12/19/2025
1.0.13 210 12/5/2025
1.0.12 208 11/24/2025
1.0.11 248 11/22/2025
1.0.10 264 11/22/2025
1.0.9 206 11/15/2025
1.0.8 216 10/30/2025
1.0.7 207 10/30/2025
1.0.6 211 10/30/2025
1.0.5 134 10/24/2025
1.0.4 152 10/24/2025
1.0.3 154 10/24/2025
1.0.2 3,050 5/19/2025
1.0.1 1,095 5/17/2025
1.0.0 207 5/17/2025