Surface cli-guard security: schema in ward (ward security show + lint coverage) #39

Closed
opened 2026-06-03 22:40:17 +00:00 by coilysiren · 1 comment
Owner

Scope

Sub-issue of #4. Make ward a first-class consumer of cli-guard's repocfg.Security block: surface the parsed schema so the doctor and hook-wiring sub-issues have a settled access path, and so ward lint catches malformed security: declarations during normal pre-commit runs.

What

  • New ward security show subcommand. Prints the resolved config path and a structured (yaml) dump of cfg.Security to stdout. Exits 0 when the block is absent (zero-value Security), 0 when present, non-zero only on resolution / parse failure.
  • ward lint extension: when cfg.Security parses, surface a one-line OK summary alongside the existing verb count (ward lint: 6 verbs OK, 2 protected binaries). Parse errors already bubble up via repocfg.Load; verify the error sites quote security: paths cleanly.
  • Internal helper loadSecurity() (or expose via existing loadDefault) returning (*repocfg.Config, error). Doctor and hook wiring both consume this in their sub-issues.

Out of scope

  • Behavior changes from cfg.Securityward doctor security and hook wiring are separate sub-issues of #4.
  • New schema fields. cli-guard owns the schema; ward is a consumer.
  • Persisting / caching the parsed block.

Acceptance

  • ward security show against a config with a populated security: block prints the protected binaries, sudo posture, and hook policy. Against a config with no security: block, prints an explicit "no security: declared" line and exits 0.
  • ward security show --config <path> and WARD_CONFIG=<path> ward security show both honor the resolver from #38.
  • ward lint reports protected-binary count when the block is present, no behavioral regression when absent.
  • Tests cover: populated block, absent block, malformed block (parse error surfaces with the config path).
  • docs/security-show.md documents the new subcommand and its read-only contract (no enforcement).
## Scope Sub-issue of #4. Make ward a first-class consumer of cli-guard's `repocfg.Security` block: surface the parsed schema so the doctor and hook-wiring sub-issues have a settled access path, and so `ward lint` catches malformed `security:` declarations during normal pre-commit runs. ## What - New `ward security show` subcommand. Prints the resolved config path and a structured (yaml) dump of `cfg.Security` to stdout. Exits 0 when the block is absent (zero-value Security), 0 when present, non-zero only on resolution / parse failure. - `ward lint` extension: when `cfg.Security` parses, surface a one-line OK summary alongside the existing verb count (`ward lint: 6 verbs OK, 2 protected binaries`). Parse errors already bubble up via `repocfg.Load`; verify the error sites quote `security:` paths cleanly. - Internal helper `loadSecurity()` (or expose via existing `loadDefault`) returning `(*repocfg.Config, error)`. Doctor and hook wiring both consume this in their sub-issues. ## Out of scope - Behavior changes from `cfg.Security` — `ward doctor security` and hook wiring are separate sub-issues of #4. - New schema fields. cli-guard owns the schema; ward is a consumer. - Persisting / caching the parsed block. ## Acceptance - `ward security show` against a config with a populated `security:` block prints the protected binaries, sudo posture, and hook policy. Against a config with no `security:` block, prints an explicit "no security: declared" line and exits 0. - `ward security show --config <path>` and `WARD_CONFIG=<path> ward security show` both honor the resolver from #38. - `ward lint` reports protected-binary count when the block is present, no behavioral regression when absent. - Tests cover: populated block, absent block, malformed block (parse error surfaces with the config path). - `docs/security-show.md` documents the new subcommand and its read-only contract (no enforcement).
Author
Owner

Superseded by #40 — collapsed into the ward doctor umbrella so the diagnostic surface stays a single verb. No separate ward security command will land.

Superseded by #40 — collapsed into the `ward doctor` umbrella so the diagnostic surface stays a single verb. No separate `ward security` command will land.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
coilyco-flight-deck/ward#39
No description provided.