dumpling-cli 0.4.3__tar.gz → 0.6.0__tar.gz

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.dumplingconf.example

@@ -31,12 +31,12 @@ salt = "${DUMPLING_GLOBAL_SALT}"
 #   Faker modules: https://docs.rs/fake/latest/fake/faker/index.html
 #   Upstream repo: https://github.com/cksac/fake-rs
 [rules."public.users"]
-# email  — fake email via Rust `fake` crate; force quoted string output
-email         = { strategy = "faker", faker = "internet::SafeEmail", domain = "customer_identity", unique_within_domain = true }
-# name   — locale-aware full name (see `locale`); other generators use `faker = "module::Type"`
-full_name     = { strategy = "faker", faker = "name::Name" }
-first_name    = { strategy = "faker", faker = "name::FirstName" }
-last_name     = { strategy = "faker", faker = "name::LastName" }
+# email  — safe fake email (built-in); force quoted string output
+email         = { strategy = "email", domain = "customer_identity", unique_within_domain = true }
+# name   — locale-aware full name (see `locale`)
+full_name     = { strategy = "name" }
+first_name    = { strategy = "first_name" }
+last_name     = { strategy = "last_name" }
 # phone  — US-style (xxx) xxx-xxxx
 phone         = { strategy = "phone" }
 # ssn    — SHA-256 hex of original; use per-column salt for extra protection

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/ci.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/docs-pr.yml

@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install mdBook
         uses: peaceiris/actions-mdbook@v2

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/docs.yml

@@ -26,7 +26,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install mdBook
         uses: peaceiris/actions-mdbook@v2
@@ -37,7 +37,7 @@ jobs:
         run: mdbook build
 
       - name: Upload Pages deployment artifact
-        uses: actions/upload-pages-artifact@v3
+        uses: actions/upload-pages-artifact@v5
         with:
           path: docs/book
 
@@ -53,4 +53,4 @@ jobs:
     steps:
       - name: Deploy docs to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v4
+        uses: actions/deploy-pages@v5

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/platform-compat-latest.yml

@@ -22,7 +22,7 @@ jobs:
           - windows-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/platform-compat-matrix.yml

@@ -20,7 +20,7 @@ jobs:
           - windows-2022
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/policy-lint.yml

@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/publish.yml

@@ -32,7 +32,7 @@ jobs:
           - windows-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable
@@ -41,7 +41,7 @@ jobs:
         uses: Swatinem/rust-cache@v2
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.12"
 
@@ -52,7 +52,7 @@ jobs:
         run: python -m maturin build --release --out dist
 
       - name: Upload wheel artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: wheels-${{ matrix.os }}
           path: dist/*.whl
@@ -63,10 +63,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.12"
 
@@ -77,7 +77,7 @@ jobs:
         run: python -m maturin sdist --out dist
 
       - name: Upload sdist artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: sdist
           path: dist/*.tar.gz
@@ -96,7 +96,7 @@ jobs:
       id-token: write
     steps:
       - name: Download built distributions
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v8
         with:
           pattern: "*"
           path: dist
@@ -123,7 +123,7 @@ jobs:
       id-token: write
     steps:
       - name: Download built distributions
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v8
         with:
           pattern: "*"
           path: dist

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/release.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/.github/workflows/tests.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/CHANGELOG.md

@@ -7,6 +7,33 @@ and this project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.ht
 
 ## [Unreleased]
 
+## [0.6.0] - 2026-05-03
+
+### Added
+
+- **Dump seal** (leading `-- dumpling-seal:` SQL comment): records Dumpling version, security profile, a SHA-256 fingerprint of the resolved policy, and runtime CLI options that affect transforms (`--format`, sorted `--include-table` / `--exclude-table`, effective PRNG seed in standard profile). When the input already begins with a **matching** seal, the remainder is copied through unchanged; stale or unknown seal lines are stripped and the dump is re-processed. See README for full semantics ([#58](https://github.com/ababic/dumpling/pull/58)).
+- **`--stats`**: prints `wall_ms` plus `domain_cache_hits` and `domain_cache_misses` for quick profiling of large runs ([#59](https://github.com/ababic/dumpling/pull/59)).
+- **`CONTRIBUTORS.md`** ([#59](https://github.com/ababic/dumpling/pull/59)).
+
+### Changed
+
+- **Domain-mapped replacement values** use shared `Arc<str>` storage so repeated lookups reuse the same allocation ([#59](https://github.com/ababic/dumpling/pull/59)).
+
+## [0.5.0] - 2026-05-03
+
+### Added
+
+- **First-class strategies** `email`, `name`, `first_name`, `last_name`, and `phone` in config (same generators as `faker = "internet::SafeEmail"`, `name::Name`, `name::FirstName`, `name::LastName`, and locale-aware phone). Strategy names are normalized to lowercase at load.
+
+### Changed
+
+- **Random-path faker/phone/PII**: one reused `StdRng` on `AnonymizerRegistry` instead of re-seeding per cell.
+- **`faker` locale resolution**: `resolved_locale_key` avoids allocating a `String` per faker call when locale is `en` or absent.
+
+### Performance
+
+- Larger default I/O buffers; fewer per-line and per-row allocations on the SQL stream path (INSERT/COPY parsing and row filters).
+
 ## [0.4.3] - 2026-05-03
 
 ### Fixed
@@ -74,6 +101,8 @@ and this project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.ht
 - Configurable output scan severities and per-category thresholds via `[output_scan]`.
 - JSON report section for output scan findings including category, count, threshold, severity, and sample locations.
 
+[0.6.0]: https://github.com/ababic/dumpling/compare/v0.5.0...v0.6.0
+[0.5.0]: https://github.com/ababic/dumpling/compare/v0.4.3...v0.5.0
 [0.4.3]: https://github.com/ababic/dumpling/compare/v0.4.2...v0.4.3
 [0.4.2]: https://github.com/ababic/dumpling/compare/v0.4.1...v0.4.2
 [0.4.1]: https://github.com/ababic/dumpling/compare/v0.4.0...v0.4.1

dumpling_cli-0.6.0/CONTRIBUTORS.md

@@ -0,0 +1,6 @@
+# Contributors
+
+Thank you to everyone who has helped improve Dumpling.
+
+- **Andy Babic** — creator and maintainer
+- **Jordan Hale** — performance and observability (including AI-assisted patches)

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/Cargo.lock

@@ -262,7 +262,7 @@ dependencies = [
 
 [[package]]
 name = "dumpling"
-version = "0.4.3"
+version = "0.6.0"
 dependencies = [
  "anyhow",
  "chrono",

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "dumpling"
-version = "0.4.3"
+version = "0.6.0"
 edition = "2021"
 readme = "README.md"
 

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: dumpling-cli
-Version: 0.4.3
+Version: 0.6.0
 Classifier: Development Status :: 4 - Beta
 Classifier: Environment :: Console
 Classifier: Intended Audience :: Developers
@@ -129,6 +129,16 @@ If no configuration is found, Dumpling fails closed by default and exits non-zer
 The error output lists every checked location. Use `--allow-noop` to explicitly
 permit no-op behavior.
 
+### Dump seal (always on)
+
+Every successful run that writes output prefixes the stream with a single-line SQL comment:
+
+`-- dumpling-seal: v=2 version=<semver> profile=<standard|hardened> sha256=<64 hex chars>`
+
+The `sha256` is over canonical JSON that includes the Dumpling version, the active security profile, a stable encoding of the resolved policy (rules, row filters, column cases, sensitive columns, output scan, global salt), and **runtime options** that affect transforms: `--format`, sorted `--include-table` / `--exclude-table` patterns, and the effective `--seed` / `DUMPLING_SEED` value in standard profile (`null` in hardened, where seeds are ignored).
+
+If the **input** already begins with a seal line and it **matches** the current run, Dumpling copies the rest of the file through unchanged. If the line looks like a seal but does **not** match (stale policy, different flags, or older `v=`), that line is **dropped** and the dump is re-processed so you do not end up with two seal lines. `--strict-coverage` cannot be combined with a matching seal (table definitions are not scanned in passthrough mode). `--check` writes no output and therefore emits no seal line.
+
 ---
 
 ## Configuration (TOML)
@@ -142,8 +152,8 @@ salt = "${DUMPLING_GLOBAL_SALT}"
 
 # Rules are keyed by either "table" or "schema.table"
 [rules."public.users"]
-email = { strategy = "faker", faker = "internet::SafeEmail", domain = "customer_identity", unique_within_domain = true }
-name  = { strategy = "faker", faker = "name::Name", locale = "de_de" }   # German-locale name
+email = { strategy = "email", domain = "customer_identity", unique_within_domain = true }
+name  = { strategy = "name", locale = "de_de" }   # German-locale name
 ssn   = { strategy = "hash", salt = "${env:DUMPLING_USERS_SSN_SALT}", as_string = true }   # SHA-256 of original (salted)
 age   = { strategy = "int_range", min = 18, max = 90 }
 
@@ -183,8 +193,12 @@ token = "high"
 | `redact` | Replace with `REDACTED` (string) |
 | `uuid` | Random UUIDv4-like string |
 | `hash` | SHA-256 hex of original value; supports per-column `salt` and global `salt` |
-| `faker` | Values from the Rust [`fake`](https://crates.io/crates/fake) crate ([docs.rs](https://docs.rs/fake/latest/fake/), [`faker` modules](https://docs.rs/fake/latest/fake/faker/index.html)), chosen by a **string identifier** only (`faker = "module::Type"`, e.g. `internet::SafeEmail`). Config is **data only**: nothing from TOML is compiled or executed as Rust at runtime. Use `locale` for locale-aware generators; optional `min`/`max`, `length`, `format` as documented. Unsupported targets fail at config load. New generators require a **new Dumpling release** (or your own fork), not config-side code. |
+| `email` | Safe email address (same generator as `faker = "internet::SafeEmail"`); supports `locale` |
+| `name` | Full name (same as `faker = "name::Name"`); supports `locale` |
+| `first_name` | First name (same as `faker = "name::FirstName"`); supports `locale` |
+| `last_name` | Last name (same as `faker = "name::LastName"`); supports `locale` |
 | `phone` | Locale-aware fake phone number (configurable via `locale`); defaults to English format |
+| `faker` | Values from the Rust [`fake`](https://crates.io/crates/fake) crate ([docs.rs](https://docs.rs/fake/latest/fake/), [`faker` modules](https://docs.rs/fake/latest/fake/faker/index.html)), chosen by a **string identifier** only (`faker = "module::Type"`, e.g. `internet::SafeEmail`). Config is **data only**: nothing from TOML is compiled or executed as Rust at runtime. Use `locale` for locale-aware generators; optional `min`/`max`, `length`, `format` as documented. Unsupported targets fail at config load. New generators require a **new Dumpling release** (or your own fork), not config-side code. |
 | `int_range` | Random integer in `[min, max]` |
 | `string` | Random alphanumeric string (`length = 12` by default) |
 | `date_fuzz` | Shifts a date by a random number of days in `[min_days, max_days]` (defaults: `-30..30`) |
@@ -244,7 +258,7 @@ dumpling --security-profile hardened --input dump.sql --check
 - `unique_within_domain`: when true, different source values are assigned unique pseudonyms within the configured `domain`. NULL values are unaffected and always remain NULL.
 - `min_days` / `max_days`: used by `date_fuzz`.
 - `min_seconds` / `max_seconds`: used by `time_fuzz` and `datetime_fuzz`.
-- `locale`: selects the language/regional format for the `faker` and `phone` strategies. Supported values: `en`, `fr_fr`, `de_de`, `it_it`, `pt_br`, `pt_pt`, `ar_sa`, `zh_cn`, `zh_tw`, `ja_jp`, `cy_gb`. Defaults to `en` when not specified.
+- `locale`: selects the language/regional format for `email`, `name`, `first_name`, `last_name`, `faker`, and `phone`. Supported values: `en`, `fr_fr`, `de_de`, `it_it`, `pt_br`, `pt_pt`, `ar_sa`, `zh_cn`, `zh_tw`, `ja_jp`, `cy_gb`. Defaults to `en` when not specified.
 - `faker`: required when `strategy = "faker"`. A plain string `"module::Type"` (case-insensitive) that maps to a **built-in** generator compiled into Dumpling—not arbitrary Rust or expressions. Names follow [`fake::faker`](https://docs.rs/fake/latest/fake/faker/index.html) (e.g. `internet::SafeEmail` → `faker::internet::SafeEmail` in the crate).
 - `format`: used with `faker = "number::NumberWithFormat"`; pattern uses `#` (0–9) and `^` (1–9) per the [`fake` crate docs](https://docs.rs/fake/latest/fake/).
 
@@ -415,7 +429,7 @@ Define default strategies in `rules."<table>"` and add ordered per-column cases
 ```toml
 [rules."public.users"]
 email = { strategy = "hash", as_string = true }   # default
-name  = { strategy = "faker", faker = "name::Name" }
+name  = { strategy = "name" }
 
 [[column_cases."public.users".email]]
 when.any = [{ column = "is_admin", op = "eq", value = "true" }]
@@ -466,7 +480,7 @@ salt = "${DUMPLING_HMAC_KEY}"
 
 [rules."public.users"]
 ssn = { strategy = "hash", as_string = true }
-email = { strategy = "faker", faker = "internet::SafeEmail", domain = "users" }
+email = { strategy = "email", domain = "users" }
 ```
 
 ```bash

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/README.md

@@ -108,6 +108,16 @@ If no configuration is found, Dumpling fails closed by default and exits non-zer
 The error output lists every checked location. Use `--allow-noop` to explicitly
 permit no-op behavior.
 
+### Dump seal (always on)
+
+Every successful run that writes output prefixes the stream with a single-line SQL comment:
+
+`-- dumpling-seal: v=2 version=<semver> profile=<standard|hardened> sha256=<64 hex chars>`
+
+The `sha256` is over canonical JSON that includes the Dumpling version, the active security profile, a stable encoding of the resolved policy (rules, row filters, column cases, sensitive columns, output scan, global salt), and **runtime options** that affect transforms: `--format`, sorted `--include-table` / `--exclude-table` patterns, and the effective `--seed` / `DUMPLING_SEED` value in standard profile (`null` in hardened, where seeds are ignored).
+
+If the **input** already begins with a seal line and it **matches** the current run, Dumpling copies the rest of the file through unchanged. If the line looks like a seal but does **not** match (stale policy, different flags, or older `v=`), that line is **dropped** and the dump is re-processed so you do not end up with two seal lines. `--strict-coverage` cannot be combined with a matching seal (table definitions are not scanned in passthrough mode). `--check` writes no output and therefore emits no seal line.
+
 ---
 
 ## Configuration (TOML)
@@ -121,8 +131,8 @@ salt = "${DUMPLING_GLOBAL_SALT}"
 
 # Rules are keyed by either "table" or "schema.table"
 [rules."public.users"]
-email = { strategy = "faker", faker = "internet::SafeEmail", domain = "customer_identity", unique_within_domain = true }
-name  = { strategy = "faker", faker = "name::Name", locale = "de_de" }   # German-locale name
+email = { strategy = "email", domain = "customer_identity", unique_within_domain = true }
+name  = { strategy = "name", locale = "de_de" }   # German-locale name
 ssn   = { strategy = "hash", salt = "${env:DUMPLING_USERS_SSN_SALT}", as_string = true }   # SHA-256 of original (salted)
 age   = { strategy = "int_range", min = 18, max = 90 }
 
@@ -162,8 +172,12 @@ token = "high"
 | `redact` | Replace with `REDACTED` (string) |
 | `uuid` | Random UUIDv4-like string |
 | `hash` | SHA-256 hex of original value; supports per-column `salt` and global `salt` |
-| `faker` | Values from the Rust [`fake`](https://crates.io/crates/fake) crate ([docs.rs](https://docs.rs/fake/latest/fake/), [`faker` modules](https://docs.rs/fake/latest/fake/faker/index.html)), chosen by a **string identifier** only (`faker = "module::Type"`, e.g. `internet::SafeEmail`). Config is **data only**: nothing from TOML is compiled or executed as Rust at runtime. Use `locale` for locale-aware generators; optional `min`/`max`, `length`, `format` as documented. Unsupported targets fail at config load. New generators require a **new Dumpling release** (or your own fork), not config-side code. |
+| `email` | Safe email address (same generator as `faker = "internet::SafeEmail"`); supports `locale` |
+| `name` | Full name (same as `faker = "name::Name"`); supports `locale` |
+| `first_name` | First name (same as `faker = "name::FirstName"`); supports `locale` |
+| `last_name` | Last name (same as `faker = "name::LastName"`); supports `locale` |
 | `phone` | Locale-aware fake phone number (configurable via `locale`); defaults to English format |
+| `faker` | Values from the Rust [`fake`](https://crates.io/crates/fake) crate ([docs.rs](https://docs.rs/fake/latest/fake/), [`faker` modules](https://docs.rs/fake/latest/fake/faker/index.html)), chosen by a **string identifier** only (`faker = "module::Type"`, e.g. `internet::SafeEmail`). Config is **data only**: nothing from TOML is compiled or executed as Rust at runtime. Use `locale` for locale-aware generators; optional `min`/`max`, `length`, `format` as documented. Unsupported targets fail at config load. New generators require a **new Dumpling release** (or your own fork), not config-side code. |
 | `int_range` | Random integer in `[min, max]` |
 | `string` | Random alphanumeric string (`length = 12` by default) |
 | `date_fuzz` | Shifts a date by a random number of days in `[min_days, max_days]` (defaults: `-30..30`) |
@@ -223,7 +237,7 @@ dumpling --security-profile hardened --input dump.sql --check
 - `unique_within_domain`: when true, different source values are assigned unique pseudonyms within the configured `domain`. NULL values are unaffected and always remain NULL.
 - `min_days` / `max_days`: used by `date_fuzz`.
 - `min_seconds` / `max_seconds`: used by `time_fuzz` and `datetime_fuzz`.
-- `locale`: selects the language/regional format for the `faker` and `phone` strategies. Supported values: `en`, `fr_fr`, `de_de`, `it_it`, `pt_br`, `pt_pt`, `ar_sa`, `zh_cn`, `zh_tw`, `ja_jp`, `cy_gb`. Defaults to `en` when not specified.
+- `locale`: selects the language/regional format for `email`, `name`, `first_name`, `last_name`, `faker`, and `phone`. Supported values: `en`, `fr_fr`, `de_de`, `it_it`, `pt_br`, `pt_pt`, `ar_sa`, `zh_cn`, `zh_tw`, `ja_jp`, `cy_gb`. Defaults to `en` when not specified.
 - `faker`: required when `strategy = "faker"`. A plain string `"module::Type"` (case-insensitive) that maps to a **built-in** generator compiled into Dumpling—not arbitrary Rust or expressions. Names follow [`fake::faker`](https://docs.rs/fake/latest/fake/faker/index.html) (e.g. `internet::SafeEmail` → `faker::internet::SafeEmail` in the crate).
 - `format`: used with `faker = "number::NumberWithFormat"`; pattern uses `#` (0–9) and `^` (1–9) per the [`fake` crate docs](https://docs.rs/fake/latest/fake/).
 
@@ -394,7 +408,7 @@ Define default strategies in `rules."<table>"` and add ordered per-column cases
 ```toml
 [rules."public.users"]
 email = { strategy = "hash", as_string = true }   # default
-name  = { strategy = "faker", faker = "name::Name" }
+name  = { strategy = "name" }
 
 [[column_cases."public.users".email]]
 when.any = [{ column = "is_admin", op = "eq", value = "true" }]
@@ -445,7 +459,7 @@ salt = "${DUMPLING_HMAC_KEY}"
 
 [rules."public.users"]
 ssn = { strategy = "hash", as_string = true }
-email = { strategy = "faker", faker = "internet::SafeEmail", domain = "users" }
+email = { strategy = "email", domain = "users" }
 ```
 
 ```bash

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/docs/src/releasing.md

@@ -11,7 +11,7 @@ This project uses **tag-driven releases**.
 ## Maintainer checklist
 
 1. Ensure `main` is green in CI.
-2. Update `Cargo.toml` version and `CHANGELOG.md`.
+2. Update `Cargo.toml` and `pyproject.toml` versions and `CHANGELOG.md`.
 3. Open and merge a release preparation PR.
 4. Create and push a tag from `main`:
 

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "maturin"
 
 [project]
 name = "dumpling-cli"
-version = "0.4.3"
+version = "0.6.0"
 description = "Static anonymizer for plain SQL dumps (PostgreSQL, SQLite, SQL Server)."
 readme = "README.md"
 requires-python = ">=3.8"

{dumpling_cli-0.4.3 → dumpling_cli-0.6.0}/src/faker_dispatch.rs

@@ -89,6 +89,71 @@ pub fn parse_faker_path(faker: &str) -> Option<(&str, &str)> {
     Some((module, typ))
 }
 
+/// Normalized locale key for `faker`, `phone`, and built-in PII strategies (`email`, `name`, …).
+/// Uses ASCII case-insensitive matching without allocating.
+pub fn resolved_locale_key(spec: &AnonymizerSpec) -> &'static str {
+    let s = spec.locale.as_deref().map(str::trim).unwrap_or("");
+    if s.is_empty() || s.eq_ignore_ascii_case("en") {
+        return "en";
+    }
+    if s.eq_ignore_ascii_case("fr_fr") {
+        return "fr_fr";
+    }
+    if s.eq_ignore_ascii_case("de_de") {
+        return "de_de";
+    }
+    if s.eq_ignore_ascii_case("it_it") {
+        return "it_it";
+    }
+    if s.eq_ignore_ascii_case("pt_br") {
+        return "pt_br";
+    }
+    if s.eq_ignore_ascii_case("pt_pt") {
+        return "pt_pt";
+    }
+    if s.eq_ignore_ascii_case("ar_sa") {
+        return "ar_sa";
+    }
+    if s.eq_ignore_ascii_case("zh_cn") {
+        return "zh_cn";
+    }
+    if s.eq_ignore_ascii_case("zh_tw") {
+        return "zh_tw";
+    }
+    if s.eq_ignore_ascii_case("ja_jp") {
+        return "ja_jp";
+    }
+    if s.eq_ignore_ascii_case("cy_gb") {
+        return "cy_gb";
+    }
+    "en"
+}
+
+/// Built-in `strategy = "email"` — same generator as `faker = "internet::SafeEmail"`.
+pub fn pii_safe_email(loc: &str, rng: &mut StdRng) -> String {
+    fl!(loc, rng, SafeEmail)
+}
+
+/// Built-in `strategy = "name"` — full name.
+pub fn pii_full_name(loc: &str, rng: &mut StdRng) -> String {
+    fl!(loc, rng, Name)
+}
+
+/// Built-in `strategy = "first_name"`.
+pub fn pii_first_name(loc: &str, rng: &mut StdRng) -> String {
+    fl!(loc, rng, FirstName)
+}
+
+/// Built-in `strategy = "last_name"`.
+pub fn pii_last_name(loc: &str, rng: &mut StdRng) -> String {
+    fl!(loc, rng, LastName)
+}
+
+/// Built-in `strategy = "phone"` — same generator as `faker` phone_number fakers.
+pub fn pii_phone_number(loc: &str, rng: &mut StdRng) -> String {
+    fl!(loc, rng, PhoneNumber)
+}
+
 pub fn faker_string_with_rng(spec: &AnonymizerSpec, rng: &mut StdRng) -> Option<String> {
     let faker = spec.faker.as_deref()?.trim();
     if faker.is_empty() {
@@ -97,12 +162,7 @@ pub fn faker_string_with_rng(spec: &AnonymizerSpec, rng: &mut StdRng) -> Option<
     let (module, typ) = parse_faker_path(faker)?;
     let module_lc = module.to_ascii_lowercase();
     let typ_lc = typ.to_ascii_lowercase();
-    let locale = spec
-        .locale
-        .as_deref()
-        .map(|l| l.trim().to_ascii_lowercase())
-        .unwrap_or_else(|| "en".to_string());
-    let loc = locale.as_str();
+    let loc = resolved_locale_key(spec);
 
     let s: String = match (module_lc.as_str(), typ_lc.as_str()) {
         ("name", "firstname") => fl!(loc, rng, FirstName),