CerbiStream.GovernanceAnalyzer 1.1.8

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package CerbiStream.GovernanceAnalyzer --version 1.1.8
                    


                    

                
NuGet\Install-Package CerbiStream.GovernanceAnalyzer -Version 1.1.8
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="CerbiStream.GovernanceAnalyzer" Version="1.1.8" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="CerbiStream.GovernanceAnalyzer" Version="1.1.8" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="CerbiStream.GovernanceAnalyzer" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add CerbiStream.GovernanceAnalyzer --version 1.1.8
                    


                    

                
#r "nuget: CerbiStream.GovernanceAnalyzer, 1.1.8"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package CerbiStream.GovernanceAnalyzer@1.1.8
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=CerbiStream.GovernanceAnalyzer&version=1.1.8
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=CerbiStream.GovernanceAnalyzer&version=1.1.8
                    


                            Install as a Cake Tool

CerbiStream Governance Analyzer

NuGet NuGet Downloads License: MIT .NET

πŸ›‘οΈ CerbiStream Governance Analyzer

CerbiStream-GovernanceAnalyzer is a high-performance, plugin-extensible governance engine for structured logging in .NET. It enables both runtime enforcement and compile-time analysis (via Roslyn Analyzer) to ensure logging consistency, security, and observability compliance.

βœ… What’s New?

  • πŸ”„ Live Reloading of JSON governance configs
  • 🧠 Plugin Architecture β€” inject dynamic validation rules (per environment, compliance, etc.)
  • πŸ₯‰ Per-field Type & Enum Enforcement (Roslyn-only)
  • ❌ DisallowedFields Support (Roslyn-only)
  • πŸ” Governance Modes: Permissive, WarnOnly, Strict
  • πŸ“Š Impact Scoring for governance violations (coming soon)
  • πŸ” Roslyn Analyzer to catch issues at build-time

πŸ“¦ Installation

dotnet add package CerbiStream.GovernanceAnalyzer

πŸ”₯ Why Use CerbiStream-GovernanceAnalyzer?

  • Compile-Time Log Validation – Prevents misformatted logs before deployment.
  • Structured Logging Enforcement – Ensures consistent log structures across teams.
  • Customizable Rules via JSON – Allows organizations to define mandatory fields for logs.
  • Seamless Integration with CerbiStream – Works alongside CerbiStream for log governance.
  • Lightweight & Fast – Runs at build time, avoiding runtime performance impact.

πŸš€ How It Works

1. Governance via JSON Profiles

  • Runtime only enforces EncryptionSettings (e.g., AES, Base64).
  • Compile-time (Roslyn) enforcement includes:
    • Required / Forbidden fields
    • Field types and enums
    • Encryption validation

2. Build-Time Roslyn Enforcement

  • Validates log usage against governance profile during compilation.
  • Fails build if required fields are missing or forbidden fields are present.
// Valid log
logger.LogInformation("User login successful | UserId: {UserId}", userId);

// Invalid log (missing required UserId)
logger.LogInformation("User login successful"); // ❌ Build fails

3. Runtime Use (Optional)

var isValid = GovernanceHelper.TryValidate("PIILog", logData, out var errors);
if (!isValid)
{
    Console.WriteLine("Governance violations:");
    errors.ForEach(Console.WriteLine);
}

πŸ”§ Runtime Enforcement Summary

Rule Type Enforced at Runtime Enforced by Roslyn
Encryption Mode βœ… Yes βœ… Yes
Required Fields ❌ No βœ… Yes
Forbidden Fields ❌ No βœ… Yes
FieldTypes (e.g., Guid) ❌ No βœ… Yes
FieldEnums ❌ No βœ… Yes

πŸ“ƒ Config Format (Simplified)

{
  "EnforcementMode": "Strict",
  "LoggingProfiles": {
    "PIILog": {
      "AllowedLevels": ["Information", "Error"],
      "FieldSeverities": {
        "userId": "Required",
        "ssn": "Forbidden"
      },
      "FieldTypes": {
        "userId": "Guid"
      },
      "EncryptionSettings": {
        "Mode": "AES",
        "FieldSeverity": "Required"
      }
    }
  }
}

πŸ‘οΈ Plugin Support

You can inject custom logic to extend governance enforcement:

public class TeamIdPlugin : ICustomGovernancePlugin
{
    public bool Validate(string profile, Dictionary<string, object> logData, out List<string> failures, out int impactScore)
    {
        failures = new();
        impactScore = 0;

        if (logData.TryGetValue("Environment", out var env) &&
            env?.ToString() == "Production" &&
            !logData.ContainsKey("TeamId"))
        {
            failures.Add("MissingField: TeamId is required in Production");
            impactScore = 5;
            return false;
        }

        return true;
    }
}

🚧 Governance Analyzer Goals

Feature Status
Compile-time enforcement βœ… Done
Runtime encryption check βœ… Done
Plugin engine βœ… Done
Governance score output 🚧 Coming soon

πŸ“… Roadmap

  • πŸ”„ Roslyn-based preview tooling
  • πŸ“Š CerbIQ impact scoring dashboard integration
  • πŸ“ˆ Governance metrics via CerbiShield
  • 🚧 Plugin SDK + CI integrations

πŸ“’ License & Contact

Secure. Structured. Compliant. CerbiStream Governance Analyzer

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.5.49 127 12/29/2025
1.5.48 196 12/22/2025
1.5.47 189 12/22/2025
1.4.46 439 12/11/2025
1.4.44 433 12/11/2025
1.3.0 432 12/10/2025
1.2.1 207 11/25/2025
1.1.43 437 12/11/2025
1.1.41 443 12/11/2025
1.1.36 215 10/29/2025
1.1.35 203 10/29/2025
1.1.34 239 5/18/2025
1.1.33 187 5/18/2025
1.1.32 174 5/17/2025
1.1.31 206 5/17/2025
1.1.30 304 5/15/2025
1.1.29 308 5/15/2025
1.1.28 295 5/15/2025
1.1.27 316 5/15/2025
1.1.8 243 4/24/2025
Loading failed