CerbiStream.GovernanceAnalyzer
1.1.8
dotnet add package CerbiStream.GovernanceAnalyzer --version 1.1.8
NuGet\Install-Package CerbiStream.GovernanceAnalyzer -Version 1.1.8
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="CerbiStream.GovernanceAnalyzer" Version="1.1.8" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="CerbiStream.GovernanceAnalyzer" Version="1.1.8" />
<PackageReference Include="CerbiStream.GovernanceAnalyzer" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add CerbiStream.GovernanceAnalyzer --version 1.1.8
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: CerbiStream.GovernanceAnalyzer, 1.1.8"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#addin nuget:?package=CerbiStream.GovernanceAnalyzer&version=1.1.8
#tool nuget:?package=CerbiStream.GovernanceAnalyzer&version=1.1.8
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
CerbiStream Governance Analyzer
π‘οΈ CerbiStream Governance Analyzer
CerbiStream-GovernanceAnalyzer is a high-performance, plugin-extensible governance engine for structured logging in .NET. It enables both runtime enforcement and compile-time analysis (via Roslyn Analyzer) to ensure logging consistency, security, and observability compliance.
β Whatβs New?
- π Live Reloading of JSON governance configs
- π§ Plugin Architecture β inject dynamic validation rules (per environment, compliance, etc.)
- π₯ Per-field Type & Enum Enforcement (Roslyn-only)
- β DisallowedFields Support (Roslyn-only)
- π Governance Modes:
Permissive,WarnOnly,Strict - π Impact Scoring for governance violations (coming soon)
- π Roslyn Analyzer to catch issues at build-time
π¦ Installation
dotnet add package CerbiStream.GovernanceAnalyzer
π₯ Why Use CerbiStream-GovernanceAnalyzer?
- Compile-Time Log Validation β Prevents misformatted logs before deployment.
- Structured Logging Enforcement β Ensures consistent log structures across teams.
- Customizable Rules via JSON β Allows organizations to define mandatory fields for logs.
- Seamless Integration with CerbiStream β Works alongside CerbiStream for log governance.
- Lightweight & Fast β Runs at build time, avoiding runtime performance impact.
π How It Works
1. Governance via JSON Profiles
- Runtime only enforces EncryptionSettings (e.g., AES, Base64).
- Compile-time (Roslyn) enforcement includes:
- Required / Forbidden fields
- Field types and enums
- Encryption validation
2. Build-Time Roslyn Enforcement
- Validates log usage against governance profile during compilation.
- Fails build if required fields are missing or forbidden fields are present.
// Valid log
logger.LogInformation("User login successful | UserId: {UserId}", userId);
// Invalid log (missing required UserId)
logger.LogInformation("User login successful"); // β Build fails
3. Runtime Use (Optional)
var isValid = GovernanceHelper.TryValidate("PIILog", logData, out var errors);
if (!isValid)
{
Console.WriteLine("Governance violations:");
errors.ForEach(Console.WriteLine);
}
π§ Runtime Enforcement Summary
| Rule Type | Enforced at Runtime | Enforced by Roslyn |
|---|---|---|
| Encryption Mode | β Yes | β Yes |
| Required Fields | β No | β Yes |
| Forbidden Fields | β No | β Yes |
| FieldTypes (e.g., Guid) | β No | β Yes |
| FieldEnums | β No | β Yes |
π Config Format (Simplified)
{
"EnforcementMode": "Strict",
"LoggingProfiles": {
"PIILog": {
"AllowedLevels": ["Information", "Error"],
"FieldSeverities": {
"userId": "Required",
"ssn": "Forbidden"
},
"FieldTypes": {
"userId": "Guid"
},
"EncryptionSettings": {
"Mode": "AES",
"FieldSeverity": "Required"
}
}
}
}
ποΈ Plugin Support
You can inject custom logic to extend governance enforcement:
public class TeamIdPlugin : ICustomGovernancePlugin
{
public bool Validate(string profile, Dictionary<string, object> logData, out List<string> failures, out int impactScore)
{
failures = new();
impactScore = 0;
if (logData.TryGetValue("Environment", out var env) &&
env?.ToString() == "Production" &&
!logData.ContainsKey("TeamId"))
{
failures.Add("MissingField: TeamId is required in Production");
impactScore = 5;
return false;
}
return true;
}
}
π§ Governance Analyzer Goals
| Feature | Status |
|---|---|
| Compile-time enforcement | β Done |
| Runtime encryption check | β Done |
| Plugin engine | β Done |
| Governance score output | π§ Coming soon |
π Roadmap
- π Roslyn-based preview tooling
- π CerbIQ impact scoring dashboard integration
- π Governance metrics via CerbiShield
- π§ Plugin SDK + CI integrations
π’ License & Contact
- License: MIT
- NuGet: GovernanceAnalyzer
- Website: cerbi.systems
- Contact: hello@cerbi.io
Secure. Structured. Compliant. CerbiStream Governance Analyzer
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net8.0
- Microsoft.CodeAnalysis.CSharp (>= 4.13.0)
- Newtonsoft.Json (>= 13.0.3)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.