feat: add experimental rust validation middleware

.env.example

@@ -156,6 +156,8 @@ SECURE_COOKIES=false
 
 # Enable validation middleware and experimental IO validation for visibility
 EXPERIMENTAL_VALIDATE_IO=true
+# Optional: enable the Rust JSON validation extension after `make rust-validation-install`
+# EXPERIMENTAL_RUST_VALIDATION_MIDDLEWARE_ENABLED=false
 VALIDATION_MIDDLEWARE_ENABLED=true
 
 # Permission audit logging (RBAC checks) - disabled by default for performance
@@ -805,10 +807,15 @@ OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317
 # Phase 0: EXPERIMENTAL_VALIDATE_IO=false (disabled, default)
 # Phase 1: EXPERIMENTAL_VALIDATE_IO=true, VALIDATION_STRICT=false (log-only)
 # Phase 2: EXPERIMENTAL_VALIDATE_IO=true, VALIDATION_STRICT=true (enforce in staging)
+# Optional accelerator: EXPERIMENTAL_RUST_VALIDATION_MIDDLEWARE_ENABLED=true after `make rust-validation-install`
 # Phase 3: Production deployment with all features enabled
 # Project defaults block enables EXPERIMENTAL_VALIDATE_IO for local dev
 # EXPERIMENTAL_VALIDATE_IO=false
 
+# Enable the experimental in-process Rust validator for recursive JSON validation checks
+# Requires `make rust-validation-install` before enabling.
+# EXPERIMENTAL_RUST_VALIDATION_MIDDLEWARE_ENABLED=false
+
 # Enable validation middleware for all requests
 # When enabled, validates all incoming request parameters and paths
 # Options: true, false (default)

.pre-commit-config.yaml

@@ -350,7 +350,7 @@ repos:
         description: Verifies test files in tests/ directories start with `test_`.
         language: python
         files: (^|/)tests/.+\.py$
-        exclude: ^tests/(.*/)?(pages|helpers|fuzzers|scripts|fixtures|migration|utils|manual|async|load.*|populate)/.*\.py$|^tests/e2e/mcp_test_helpers\.py$
+        exclude: ^tests/(.*/)?(pages|helpers|fuzzers|scripts|fixtures|migration|utils|manual|async|load.*|populate|client|jmeter)/.*\.py$|^tests/e2e/mcp_test_helpers\.py$
         args: [--pytest-test-first] # `test_.*\.py`
 
 
@@ -401,6 +401,7 @@ repos:
         name: 🐍 Black - Python Code Formatter
         description: The uncompromising Python code formatter.
         language_version: python3
+        files: ^mcpgateway/
 
   # - repo: https://github.com/pycqa/isort
   #   rev: 6.0.1
@@ -513,6 +514,7 @@ repos:
       - id: interrogate
         args: [--quiet, --fail-under=100]
         files: ^mcpgateway/
+        exclude: ^mcpgateway/plugins/framework/external/grpc/proto/.*_pb2.*\.py$
 
   # -----------------------------------------------------------------------------
   #  🔐 Security - Detect Secrets
@@ -527,4 +529,5 @@ repos:
         name: 🔐 IBM Detect Secrets
         description: Detects secrets within a repository using IBM's detect-secrets.
         args: ['--baseline', '.secrets.baseline', --use-all-plugins, --fail-on-unaudited]
+        pass_filenames: false
         types: [text]

.pre-commit-lite.yaml

@@ -531,4 +531,5 @@ repos:
         name: 🔐 IBM Detect Secrets
         description: Detects secrets within a repository using IBM's detect-secrets.
         args: ['--baseline', '.secrets.baseline', --use-all-plugins, --fail-on-unaudited]
+        pass_filenames: false
         types: [text]