spin_capabilities/
lib.rs

1pub use deny::apply_deny_adapter;
2mod deny;
3
4/// Specifies which host capabilities a component dependency is allowed to inherit
5/// from its parent component.
6///
7/// When a dependency is composed into a parent component, it may need access to
8/// host-provided interfaces such as networking, key-value stores, or environment
9/// variables. This enum controls which of those capability sets are "allowed through"
10/// (i.e. not denied by the deny adapter).
11pub enum InheritConfiguration {
12    /// Inherit all capabilities from the parent component.
13    All,
14    /// Inherit no capabilities; the deny adapter blocks every host interface.
15    None,
16    /// Inherit only the named capability sets (e.g. `"allowed_outbound_hosts"`,
17    /// `"key_value_stores"`). Unrecognized names are silently ignored.
18    Some(Vec<String>),
19}
20
21const CAPABILITY_SETS: &[(&str, &[&str])] = &[
22    ("ai_models", AI_MODELS),
23    ("allowed_outbound_hosts", ALLOWED_OUTBOUND_HOSTS),
24    ("environment", ENVIRONMENT),
25    ("files", FILES),
26    ("key_value_stores", KEY_VALUE_STORES),
27    ("sqlite_databases", SQLITE_DATABASES),
28    ("variables", VARIABLES),
29];
30
31const AI_MODELS: &[&str] = &["fermyon:spin/llm", "fermyon:spin/llm@2.0.0"];
32
33const ALLOWED_OUTBOUND_HOSTS: &[&str] = &[
34    "fermyon:spin/http",
35    "fermyon:spin/mysql",
36    "fermyon:spin/postgres",
37    "fermyon:spin/redis",
38    "fermyon:spin/mqtt@2.0.0",
39    "fermyon:spin/mysql@2.0.0",
40    "fermyon:spin/postgres@2.0.0",
41    "fermyon:spin/redis@2.0.0",
42    "spin:mqtt/mqtt@3.0.0",
43    "spin:postgres/postgres@3.0.0",
44    "spin:postgres/postgres@4.2.0",
45    "spin:redis/redis@3.0.0",
46    "wasi:http/client@0.3.0-rc-2026-03-15",
47    "wasi:http/outgoing-handler@0.2.6",
48    "wasi:sockets/ip-name-lookup@0.2.6",
49    "wasi:sockets/ip-name-lookup@0.3.0-rc-2026-03-15",
50    "wasi:sockets/tcp-create-socket@0.2.6",
51    "wasi:sockets/tcp@0.2.6",
52    "wasi:sockets/udp-create-socket@0.2.6",
53    "wasi:sockets/udp@0.2.6",
54];
55
56const ENVIRONMENT: &[&str] = &[
57    "wasi:cli/environment@0.2.6",
58    "wasi:cli/environment@0.3.0-rc-2026-03-15",
59];
60
61const FILES: &[&str] = &[
62    "wasi:filesystem/preopens@0.2.6",
63    "wasi:filesystem/preopens@0.3.0-rc-2026-03-15",
64];
65
66const KEY_VALUE_STORES: &[&str] = &[
67    "fermyon:spin/key-value",
68    "fermyon:spin/key-value@2.0.0",
69    "spin:key-value/key-value@3.0.0",
70    "wasi:keyvalue/store@0.2.0-draft2",
71];
72
73const SQLITE_DATABASES: &[&str] = &[
74    "fermyon:spin/sqlite",
75    "fermyon:spin/sqlite@2.0.0",
76    "spin:sqlite/sqlite@3.1.0",
77];
78
79const VARIABLES: &[&str] = &[
80    "fermyon:spin/config",
81    "fermyon:spin/variables@2.0.0",
82    "spin:variables/variables@3.0.0",
83    "wasi:config/store@0.2.0-draft-2024-09-27",
84];
spin_capabilities/lib.rs

spin_capabilities/
lib.rs
