Fix regex filter PR review issues

Signed-off-by: lucarlig <luca.carlig@ibm.com>

Author: lucarlig

.github/workflows/release-rust-python-package.yaml

@@ -54,9 +54,6 @@ jobs:
         with:
           python-version: "3.12"
 
-      - name: Validate plugin catalog
-        run: python3 tools/plugin_catalog.py validate .
-
       - id: resolve
         shell: bash
         env:
@@ -79,12 +76,15 @@ jobs:
             tag_ref="${GITHUB_REF}"
           fi
 
-          if git merge-base --is-ancestor "${tag_ref}" "refs/remotes/origin/main"; then
+          tag_commit="$(git rev-list -n 1 "${tag_ref}")"
+          if git merge-base --is-ancestor "${tag_commit}" "refs/remotes/origin/main"; then
             tag_on_main=true
           else
             tag_on_main=false
           fi
 
+          git checkout --detach "${checkout_ref}"
+          python3 tools/plugin_catalog.py validate .
           release_info="$(python3 tools/plugin_catalog.py release-info . "${tag}")"
           plugin="$(printf '%s' "${release_info}" | python3 -c 'import json, sys; print(json.load(sys.stdin)["slug"])')"
           plugin_path="$(printf '%s' "${release_info}" | python3 -c 'import json, sys; print(json.load(sys.stdin)["path"])')"
@@ -255,7 +255,7 @@ jobs:
           fi
 
   publish:
-    if: ${{ (github.event_name != 'workflow_call' || inputs.publish_enabled) && (needs.resolve.outputs.publish_env != 'pypi' || needs.resolve.outputs.tag_on_main == 'true') }}
+    if: ${{ github.event_name != 'workflow_call' || inputs.publish_enabled }}
     needs: [resolve, build-wheel, build-sdist]
     runs-on: ubuntu-latest
     environment: ${{ needs.resolve.outputs.publish_env }}
@@ -276,8 +276,14 @@ jobs:
           repository-url: https://test.pypi.org/legacy/
           skip-existing: true
 
+      - name: Verify PyPI tag is on main
+        if: needs.resolve.outputs.publish_env == 'pypi' && needs.resolve.outputs.tag_on_main != 'true'
+        run: |
+          echo "Refusing to publish to PyPI because the release tag is not reachable from origin/main" >&2
+          exit 1
+
       - name: Publish distributions to PyPI
-        if: needs.resolve.outputs.publish_env == 'pypi'
+        if: needs.resolve.outputs.publish_env == 'pypi' && needs.resolve.outputs.tag_on_main == 'true'
         uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
         with:
           packages-dir: dist/

Cargo.lock

@@ -10,6 +10,11 @@ Current plugins:
 
 - `rate_limiter`
 - `pii_filter`
+- `encoded_exfil_detection`
+- `regex_filter`
+- `retry_with_backoff`
+- `secrets_detection`
+- `url_reputation`
 
 Each managed plugin must include:
 

README.md

@@ -16,15 +16,15 @@ name = "stub_gen"
 path = "src/bin/stub_gen.rs"
 
 [dependencies]
-cpex_framework_bridge = { path = "../../../../crates/framework_bridge" }
+cpex_framework_bridge = { workspace = true }
 log = { workspace = true }
 pyo3 = { workspace = true }
 pyo3-log = { workspace = true }
 pyo3-stub-gen = { workspace = true }
-regex = "1.12"
+regex = { workspace = true }
 
 [dev-dependencies]
-criterion = { version = "0.8", features = ["html_reports"] }
+criterion = { workspace = true }
 
 [[bench]]
 name = "regex_filter"

plugins/rust/python-package/regex_filter/Cargo.toml

@@ -1,6 +1,9 @@
 # Regex Filter Plugin for CPEX
 
 Rust-backed regex search and replace for prompt arguments, prompt messages, tool arguments, and tool results.
+Patterns use Rust `regex` syntax, which does not support look-around or backreferences.
+Replacement strings use Rust `regex` expansion syntax (`$0`, `$1`, `$name`, `${name}`, and `$$` for a literal dollar).
+Recursive filtering covers strings inside dicts and lists, plus Python tuples and sets; custom object attributes are left unchanged.
 
 This package follows the same layout as the other Rust+Python CPEX plugins in this repository:
 
@@ -11,12 +14,30 @@ This package follows the same layout as the other Rust+Python CPEX plugins in th
 ## Configuration
 
 ```yaml
-config:
-  words:
-    - search: "\\bsecret\\b"
-      replace: "[REDACTED]"
-    - search: "\\d{3}-\\d{2}-\\d{4}"
-      replace: "XXX-XX-XXXX"
+plugins:
+  - name: regex_filter
+    kind: cpex_regex_filter.regex_filter.SearchReplacePlugin
+    hooks:
+      - prompt_pre_fetch
+      - prompt_post_fetch
+      - tool_pre_invoke
+      - tool_post_invoke
+    mode: enforce
+    config:
+      words:
+        - search: "\\bsecret\\b"
+          replace: "[REDACTED]"
+        - search: "\\d{3}-\\d{2}-\\d{4}"
+          replace: "XXX-XX-XXXX"
+      max_text_bytes: 10485760
+      max_total_text_bytes: 10485760
+      max_nested_depth: 64
+      max_collection_items: 4096
+      max_total_items: 65536
+      max_patterns: 1024
+      max_search_bytes: 1048576
+      max_replace_bytes: 1048576
+      max_output_bytes: 10485760
 ```
 
 ## Development

plugins/rust/python-package/regex_filter/README.md

@@ -20,12 +20,18 @@ fn bench_apply_patterns(c: &mut Criterion) {
             },
         ],
         pattern_set: RegexSet::new([r"\bsecret\b", r"\d{3}-\d{2}-\d{4}"]).ok(),
+        max_text_bytes: 10 * 1024 * 1024,
+        max_total_text_bytes: 10 * 1024 * 1024,
+        max_nested_depth: 64,
+        max_collection_items: 4096,
+        max_total_items: 65_536,
+        max_output_bytes: 10 * 1024 * 1024,
     };
     let plugin = SearchReplacePluginRust { config };
     let text = "The secret number is 123-45-6789";
 
     c.bench_function("regex_filter_apply_patterns", |b| {
-        b.iter(|| plugin.apply_patterns(text))
+        b.iter(|| plugin.apply_patterns(text).unwrap())
     });
 }
 

plugins/rust/python-package/regex_filter/benches/regex_filter.rs

@@ -1,5 +1,6 @@
 description: "Rust-backed regex search and replace for prompt arguments, prompt messages, tool inputs, and tool outputs"
 author: "ContextForge Contributors"
+kind: "cpex_regex_filter.regex_filter.SearchReplacePlugin"
 version: "0.1.0"
 available_hooks:
   - "prompt_pre_fetch"
@@ -8,3 +9,12 @@ available_hooks:
   - "tool_post_invoke"
 default_configs:
   words: []
+  max_text_bytes: 10485760
+  max_total_text_bytes: 10485760
+  max_nested_depth: 64
+  max_collection_items: 4096
+  max_total_items: 65536
+  max_patterns: 1024
+  max_search_bytes: 1048576
+  max_replace_bytes: 1048576
+  max_output_bytes: 10485760

plugins/rust/python-package/regex_filter/cpex_regex_filter/plugin-manifest.yaml

@@ -18,6 +18,9 @@ classifiers = [
     "Programming Language :: Python :: 3.13",
 ]
 
+[project.entry-points."cpex.plugins"]
+regex_filter = "cpex_regex_filter.regex_filter:SearchReplacePlugin"
+
 [tool.maturin]
 module-name = "cpex_regex_filter.regex_filter_rust"
 python-source = "."