Kvlar v0.2.0: Policy Hot-Reload

By Kvlar Team

We just shipped Kvlar v0.2.0 with the most requested feature since launch: policy hot-reload.

The problem with restarts

Before v0.2.0, changing a security policy meant restarting the proxy. In development, that's annoying — you're iterating on rules, testing edge cases, tuning conditions. In production, it means a brief window where tool calls aren't being evaluated.

Hot-reload eliminates both problems.

How it works

Add --watch to your proxy command:

kvlar proxy --stdio --policy policy.yaml --watch -- npx @modelcontextprotocol/server-postgres

Now edit policy.yaml in your editor. When you save, Kvlar detects the change, parses the new policy, and swaps it in — all without dropping a single tool call.

  [kvlar] watching 1 policy file(s) for changes
  [kvlar] policy change detected, reloading...
  [kvlar] ✓ reloaded 1 policies (14 rules)

Graceful error handling

If your edited policy has a YAML error or invalid rules, Kvlar keeps the previous valid policy active:

  [kvlar] policy change detected, reloading...
  [kvlar] ✗ reload failed, keeping previous policy: failed to load policy.yaml: ...

This is the same fail-safe philosophy that drives the rest of Kvlar. Your proxy never enters an unprotected state.

Under the hood

The implementation touches the core proxy architecture:

Read-write locking. We replaced Arc<Mutex<Engine>> with Arc<RwLock<Engine>> across the entire proxy. Policy evaluations now take a read lock (concurrent, zero contention), while hot-reload takes a write lock (exclusive, atomic swap). In practice, the write lock is held for microseconds.

Filesystem watching. We use the notify crate for cross-platform file watching (FSEvents on macOS, inotify on Linux). Events are debounced at 300ms to coalesce rapid saves from editors.

Stdio safety. All reload messages go to stderr, so they never interfere with the JSON-RPC protocol on stdout.
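The swap described under "Graceful error handling" and "Read-write locking", as an added sketch using only the standard library; it is not Kvlar's own code. The `Engine`, `Decision`, `check` and `reload` names, the one-line rule format, the default-deny fallback and the tool names are all assumptions made for this example.

```rust
use std::collections::HashMap;
use std::sync::{Arc, RwLock};

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Decision { Allow, Deny }
// Hypothetical stand-in for the policy engine; the rule format is constructed.
pub struct Engine { rules: HashMap<String, Decision> }

impl Engine {
    // Parse "allow <tool>" / "deny <tool>" lines. One bad line rejects the whole file.
    pub fn parse(text: &str) -> Result<Engine, String> {
        let mut rules = HashMap::new();
        for (n, raw) in text.lines().enumerate() {
            let mut parts = raw.split_whitespace();
            let decision = match parts.next() {
                None => continue, // blank line
                Some("allow") => Decision::Allow,
                Some("deny") => Decision::Deny,
                Some(other) => return Err(format!("line {}: unknown action {:?}", n + 1, other)),
            };
            match (parts.next(), parts.next()) {
                (Some(tool), None) => { rules.insert(tool.to_string(), decision); }
                _ => return Err(format!("line {}: expected exactly one tool name", n + 1)),
            }
        }
        // An empty file (for example a half-written save) must not replace a live policy.
        if rules.is_empty() { return Err("policy contains no rules".to_string()); }
        Ok(Engine { rules })
    }
    // Tools with no rule are denied (default-deny is an assumption of this example).
    pub fn evaluate(&self, tool: &str) -> Decision {
        *self.rules.get(tool).unwrap_or(&Decision::Deny)
    }
}
// Evaluation path: shared read lock, so concurrent tool calls do not block each other.
pub fn check(shared: &Arc<RwLock<Engine>>, tool: &str) -> Decision {
    shared.read().expect("engine lock poisoned").evaluate(tool)
}
// Reload path: parse with no lock held, then hold the write lock only for the swap.
// A parse error returns before the lock is touched, so the old engine stays active.
pub fn reload(shared: &Arc<RwLock<Engine>>, new_text: &str) -> Result<usize, String> {
    let next = Engine::parse(new_text)?;
    let count = next.rules.len();
    *shared.write().map_err(|e| e.to_string())? = next;
    Ok(count)
}

fn main() {
    let shared = Arc::new(RwLock::new(Engine::parse("allow read_query").unwrap()));
    let failed = reload(&shared, "permit read_query"); // rejected, old policy kept
    eprintln!("{:?} -> {:?}", failed, check(&shared, "read_query"));
}
```

Because parsing happens before the write lock is taken, the exclusive section is a single assignment, and a rejected file never leaves the proxy without an engine.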

Config file support

You can also enable hot-reload in a proxy configuration file:

policy_paths:
  - "./policies/production.yaml"
hot_reload: true
transport: stdio
upstream_command: "npx"
upstream_args: ["@modelcontextprotocol/server-filesystem", "/workspace"]

Upgrade

cargo install kvlar-cli  # installs v0.2.0

The release includes pre-built binaries for Linux x86_64, macOS x86_64, and macOS ARM64, available on the GitHub Releases page.

What's next

  • Python SDK: shipped in v0.3.0! Wrap the Kvlar CLI from Python applications
  • Human approval webhooks: shipped in v0.3.0! Route approval decisions to external systems
  • TypeScript SDK — for Node.js environments
  • Structured audit export — ship audit logs to your SIEM

Follow us on X or star the repo for updates.