Complete technical specifications for SystemPrompt.
| Component |
Version |
| SystemPrompt |
0.0.14 |
| Rust Edition |
2021 |
| Minimum Rust |
1.75+ |
System Requirements
Development
| Requirement |
Specification |
| Operating System |
Linux, macOS, Windows (WSL2) |
| CPU |
x86_64 or ARM64 |
| RAM |
4GB minimum, 8GB recommended |
| Disk |
2GB for build artifacts |
Production
| Requirement |
Specification |
| Operating System |
Linux (Ubuntu 22.04+, Debian 12+) |
| CPU |
2+ cores |
| RAM |
2GB minimum |
| Disk |
10GB recommended |
Database Support
| Database |
Version |
Status |
| PostgreSQL |
14+ |
Primary, recommended |
| PostgreSQL |
16 |
Tested |
| SQLite |
3.35+ |
Supported |
| MySQL |
8.0+ |
Experimental |
PostgreSQL Extensions
Required extensions (included by default):
pgcrypto - Cryptographic functions
uuid-ossp - UUID generation
Key Dependencies
Runtime
| Dependency |
Version |
Purpose |
| Tokio |
1.47 |
Async runtime |
| Axum |
0.8 |
HTTP framework |
| SQLx |
0.8 |
Database layer |
| rmcp |
0.14 |
MCP protocol |
| serde |
1.0 |
Serialization |
Build-time
| Dependency |
Version |
Purpose |
| inventory |
0.3 |
Extension registration |
| tracing |
0.1 |
Structured logging |
| thiserror |
2.0 |
Error handling |
Protocol Support
MCP (Model Context Protocol)
| Feature |
Support |
| Transport |
HTTP (streamable), SSE |
| Tools |
Full support |
| Resources |
Full support |
| Prompts |
Full support |
| Authentication |
OAuth2, API Key |
A2A (Agent-to-Agent)
| Feature |
Support |
| Protocol Version |
1.0 |
| Discovery |
Well-known endpoints |
| Transport |
HTTP |
| Authentication |
OAuth2 |
Authentication
| Method |
Support |
| OAuth2 |
Authorization Code, Client Credentials |
| OIDC |
OpenID Connect |
| WebAuthn |
Passwordless authentication |
| API Keys |
Bearer token |
API Specifications
Rate Limits
| Endpoint Type |
Limit |
| Public API |
100 req/min |
| Authenticated API |
1000 req/min |
| Agent Messages |
60 req/min |
| MCP Tools |
300 req/min |
| Format |
Content-Type |
| JSON |
application/json |
| SSE |
text/event-stream |
| Binary |
application/octet-stream |
File Specifications
Content Files
| Format |
Extension |
Max Size |
| Markdown |
.md |
1MB |
| YAML |
.yaml, .yml |
100KB |
| Images |
.png, .jpg, .webp |
10MB |
Frontmatter Schema
Required fields for content:
title: string # Page title
description: string # SEO description
slug: string # URL path
kind: string # Content type
public: boolean # Visibility
Optional fields:
author: string
keywords: string
image: string
tags: string[]
published_at: date
updated_at: date
Security Specifications
Encryption
| Context |
Algorithm |
| Passwords |
Argon2id |
| Tokens |
AES-256-GCM |
| TLS |
TLS 1.3 |
Token Lifetimes
| Token Type |
Default Lifetime |
| Access Token |
1 hour |
| Refresh Token |
7 days |
| Session |
24 hours |
CORS
Default CORS configuration:
allowed_origins: ["*"] # Configure for production
allowed_methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"]
allowed_headers: ["Authorization", "Content-Type"]
max_age: 86400
Crate Architecture
Total Crates: 33
| Layer |
Count |
| Shared |
7 |
| Infrastructure |
7 |
| Domain |
9 |
| Application |
4 |
| Entry |
2 |
| Facade |
1 |
| Tests |
24 (separate workspace) |
Feature Flags
Available in the systemprompt facade crate:
| Feature |
Description |
core |
Traits, models, identifiers (default) |
database |
Database abstraction |
api |
HTTP server |
cli |
CLI entry point |
mcp |
Model Context Protocol |
sync |
Cloud synchronization |
cloud |
Cloud infrastructure |
full |
All functionality |
Coding Standards
Lints
[lints.rust]
unsafe_code = "forbid"
[lints.clippy]
all = "deny"
pedantic = "deny"
unwrap_used = "deny"
expect_used = "warn"
panic = "deny"
todo = "deny"
unimplemented = "deny"
SQL Requirements
- All SQL in
.sql files, never inline strings
- Compile-time verification via SQLx
- Parameterized queries only
Error Handling
- No
unwrap() - deny lint
- No
panic!() - deny lint
- Explicit error types with
thiserror
License
FSL-1.1-ALv2 (Functional Source License)
- Source-available
- Commercial use allowed
- Converts to Apache 2.0 after 2 years
- No competing SaaS restriction
Links