@kirrosh/zond 0.21.0 → 0.23.0

package/src/cli/resolve.ts

@@ -0,0 +1,105 @@
+/**
+ * Shared helpers for command-action callbacks: resolving the active API
+ * collection, the spec argument that spec-consuming commands accept, and
+ * tiny utilities (`globalJson`, deprecation warning). Extracted from
+ * program.ts (TASK-190 round 2a) so per-command modules can register
+ * themselves without re-importing program.ts.
+ */
+
+import type { Command } from "commander";
+import { getDb } from "../db/schema.ts";
+import { findCollectionByNameOrId } from "../db/queries.ts";
+import { resolveCollectionSpec } from "../core/setup-api.ts";
+import { readCurrentApi } from "../core/context/current.ts";
+
+/**
+ * TASK-73: `--json` is a per-command option (not a top-level global) so
+ * that `run --json` does not collide with `run --report json`.
+ * Subcommands that support an envelope output add `.option("--json", ...)`
+ * themselves and we read it from local opts.
+ */
+export function globalJson(cmd: Command): boolean {
+  return cmd.opts().json === true;
+}
+
+/** Resolve API collection → returns { spec?, testPath?, baseDir? } or { error } when not found. */
+export function resolveApiCollection(apiName: string, dbPath: string | undefined):
+  | { spec: string | null; testPath: string | null; baseDir: string | null }
+  | { error: string } {
+  if (typeof apiName !== "string" || apiName.length === 0) {
+    return { error: "Internal: --api received non-string value" };
+  }
+  try {
+    getDb(dbPath);
+    const col = findCollectionByNameOrId(apiName);
+    if (!col) return { error: `API '${apiName}' not found` };
+    const spec = col.openapi_spec ? resolveCollectionSpec(col.openapi_spec) : null;
+    return { spec, testPath: col.test_path ?? null, baseDir: col.base_dir ?? null };
+  } catch (err) {
+    return { error: `Failed to resolve --api: ${(err as Error).message}` };
+  }
+}
+
+/**
+ * Resolve `apis/<name>/.env.yaml` for a registered API. TASK-233: probe
+ * subcommands required `--env <file>` even when `--api <name>` was given,
+ * forcing users to repeat the path. When --api is set we derive the env
+ * file from the collection's base_dir; only error if the file is missing.
+ *
+ * Returns the absolute path to the env file when it exists, otherwise an
+ * error object. Callers may also fall back to other strategies on miss.
+ */
+export function resolveApiEnv(apiName: string, dbPath: string | undefined):
+  | { env: string }
+  | { error: string } {
+  const col = resolveApiCollection(apiName, dbPath);
+  if ("error" in col) return col;
+  if (!col.baseDir) {
+    return { error: `API '${apiName}' has no base_dir registered — pass --env <file> explicitly.` };
+  }
+  const envPath = `${col.baseDir.replace(/\/+$/, "")}/.env.yaml`;
+  return { env: envPath };
+}
+
+/**
+ * Resolve a `<spec>` argument used by spec-consuming commands —
+ * catalog, sync, generate, probe-validation, probe-methods,
+ * probe-mass-assignment, lint-spec, describe, guide.
+ *
+ * Resolution order:
+ *   1. Explicit positional/flag value — used as-is (URL or filesystem path).
+ *   2. --api <name> — look up the workspace-local snapshot via
+ *      `resolveCollectionSpec`.
+ *   3. ZOND_API env / .zond/current-api — same lookup using the currently-selected API
+ *      (TASK-290; resolution chain implemented in core/context/current.ts).
+ *
+ * Returns `{ spec }` on success, `{ error }` on failure. Centralised here
+ * so commands stay thin and skill/CI prompts can rely on either form.
+ */
+export function resolveSpecArg(
+  positional: string | undefined,
+  apiFlag: string | undefined,
+  dbPath: string | undefined,
+): { spec: string } | { error: string } {
+  if (typeof positional === "string" && positional.length > 0) {
+    return { spec: positional };
+  }
+  const apiName = apiFlag ?? readCurrentApi() ?? undefined;
+  if (!apiName) {
+    return {
+      error: "Need a spec — pass it positionally, via --api <name>, or set the current API with `zond use <name>`.",
+    };
+  }
+  const resolved = resolveApiCollection(apiName, dbPath);
+  if ("error" in resolved) return { error: resolved.error };
+  if (!resolved.spec) {
+    return {
+      error:
+        `API '${apiName}' is registered without an OpenAPI spec — this command needs one. ` +
+        `Run \`zond refresh-api ${apiName} --spec <path|url>\` to attach a spec, ` +
+        `or use \`zond run --api ${apiName} <test.yaml>\` for YAML-based testing.`,
+    };
+  }
+  return { spec: resolved.spec };
+}
+

package/src/cli/status-filter.ts

@@ -0,0 +1,124 @@
+/**
+ * TASK-140: parse `--status` filter expressions for `zond db run/runs`.
+ *
+ * Accepted forms (combinable via comma):
+ *   502                — exact code
+ *   5xx / 4xx / 3xx / 2xx / 1xx — class wildcard (`5xx` ≡ 500..599)
+ *   500-599            — inclusive range
+ *   >=500 / >500 / <=400 / <400 — open-ended comparison
+ *   500,502,504        — list of exacts
+ *   5xx,429            — mix of class + exact
+ *
+ * The parser yields a `StatusMatcher` which the DB layer converts into a
+ * single SQL `WHERE` fragment (set + ranges combined with `OR`).
+ */
+
+export interface StatusMatcher {
+  /** Specific codes that should match. */
+  exacts: number[];
+  /** Inclusive ranges `[min, max]` — including class wildcards (5xx → 500..599). */
+  ranges: Array<[number, number]>;
+}
+
+const CLASS_RE = /^([1-5])xx$/i;
+const RANGE_RE = /^(\d{3})-(\d{3})$/;
+const CMP_RE = /^(>=|<=|>|<)\s*(\d{3})$/;
+const CODE_RE = /^\d{3}$/;
+
+function pushExact(out: StatusMatcher, code: number): void {
+  if (code < 100 || code > 599) {
+    throw new Error(`status code out of range: ${code}`);
+  }
+  if (!out.exacts.includes(code)) out.exacts.push(code);
+}
+
+function pushRange(out: StatusMatcher, min: number, max: number): void {
+  if (min > max) throw new Error(`status range start > end: ${min}-${max}`);
+  out.ranges.push([min, max]);
+}
+
+/**
+ * Parse a `--status` argument. Throws on invalid syntax — caller wraps the
+ * thrown message in a CLI error.
+ */
+export function parseStatusFilter(raw: string): StatusMatcher {
+  const trimmed = raw.trim();
+  if (trimmed === "") throw new Error("empty --status value");
+  const parts = trimmed.split(",").map((p) => p.trim()).filter((p) => p.length > 0);
+  if (parts.length === 0) throw new Error("empty --status value");
+
+  const out: StatusMatcher = { exacts: [], ranges: [] };
+  for (const part of parts) {
+    let m: RegExpMatchArray | null;
+    if ((m = part.match(CODE_RE))) {
+      pushExact(out, Number(part));
+      continue;
+    }
+    if ((m = part.match(CLASS_RE))) {
+      const klass = Number(m[1]);
+      pushRange(out, klass * 100, klass * 100 + 99);
+      continue;
+    }
+    if ((m = part.match(RANGE_RE))) {
+      const lo = Number(m[1]);
+      const hi = Number(m[2]);
+      if (lo < 100 || lo > 599 || hi < 100 || hi > 599) {
+        throw new Error(`status range out of bounds: ${part} (expected 100..599)`);
+      }
+      pushRange(out, lo, hi);
+      continue;
+    }
+    if ((m = part.match(CMP_RE))) {
+      const op = m[1]!;
+      const code = Number(m[2]);
+      if (code < 100 || code > 599) {
+        throw new Error(`status comparison out of bounds: ${part} (expected 100..599)`);
+      }
+      switch (op) {
+        case ">=": pushRange(out, code, 599); break;
+        case ">":  pushRange(out, code + 1, 599); break;
+        case "<=": pushRange(out, 100, code); break;
+        case "<":  pushRange(out, 100, code - 1); break;
+      }
+      continue;
+    }
+    throw new Error(
+      `invalid --status part: '${part}' (expected one of: 502, 5xx, 500-599, >=500, <400)`,
+    );
+  }
+  return out;
+}
+
+/** True if `code` matches the parsed filter. Useful for in-memory filtering. */
+export function statusMatches(matcher: StatusMatcher, code: number | null | undefined): boolean {
+  if (code == null) return false;
+  if (matcher.exacts.includes(code)) return true;
+  for (const [lo, hi] of matcher.ranges) {
+    if (code >= lo && code <= hi) return true;
+  }
+  return false;
+}
+
+/**
+ * Compile a `StatusMatcher` to a SQL `WHERE` fragment + bound parameters.
+ * The fragment is wrapped in parentheses; combine with other conditions via
+ * `AND`. Returns `null` if the matcher is empty (no constraints).
+ */
+export function compileStatusFilterToSql(
+  matcher: StatusMatcher,
+  column: string,
+): { sql: string; params: number[] } | null {
+  const clauses: string[] = [];
+  const params: number[] = [];
+  if (matcher.exacts.length > 0) {
+    const placeholders = matcher.exacts.map(() => "?").join(",");
+    clauses.push(`${column} IN (${placeholders})`);
+    params.push(...matcher.exacts);
+  }
+  for (const [lo, hi] of matcher.ranges) {
+    clauses.push(`${column} BETWEEN ? AND ?`);
+    params.push(lo, hi);
+  }
+  if (clauses.length === 0) return null;
+  return { sql: `(${clauses.join(" OR ")})`, params };
+}

package/src/cli/util/api-context.ts

@@ -0,0 +1,85 @@
+/**
+ * ARV-53: single resolver for the active `--api` collection name.
+ *
+ * Before this module the chain `localOpts.api → cmd.parent?.opts().api →
+ * readCurrentApi()` was inlined in nine call-sites (probe / prepare-fixtures
+ * / audit / checks / coverage / run / request, plus two intermediate helpers
+ * in probe.ts and resolve.ts). Each repeat was a separate commit
+ * (TASK-17, TASK-20, ARV-21, ARV-29, ARV-33). Centralising the chain here
+ * means new commands consume one import and the fallback rules live in
+ * exactly one place.
+ *
+ * Resolution order (matches the chain users see documented for `zond use`):
+ *   1. Per-command `--api <name>` (the local Commander scope).
+ *   2. Any ancestor command's `--api`, walking up to the program root
+ *      (covers the global `zond --api X <subcmd>` form whose value is
+ *      otherwise stranded on the parent Command).
+ *   3. `readCurrentApi()` — which itself folds in
+ *      `ZOND_API_GLOBAL` (mirrored by program.ts preAction) →
+ *      `ZOND_API` (user env) → `.zond/current-api` (persisted by `zond use`).
+ */
+
+import { readCurrentApi } from "../../core/context/current.ts";
+
+/**
+ * Minimal shape we need from a Commander `Command`. Spelled out as an
+ * interface (not `import("commander").Command`) so test doubles can pass a
+ * plain `{ opts, parent }` literal and TS still type-checks.
+ */
+export interface CommandLike {
+  opts(): Record<string, unknown>;
+  parent?: CommandLike | null;
+}
+
+export type ApiResolution =
+  | { ok: true; api: string; source: "local" | "ancestor" | "current" }
+  | { ok: false };
+
+/** Pull the explicit --api value out of a command's parsed opts, if any. */
+function readApiOpt(cmd: CommandLike): string | undefined {
+  const v = cmd.opts().api;
+  return typeof v === "string" && v.trim().length > 0 ? v.trim() : undefined;
+}
+
+/**
+ * Resolve the active API collection name for `cmd`. Pass `localOpts` when
+ * the action handler already has the parsed local opts in hand (avoids a
+ * second `cmd.opts()` parse and lets callers tunnel through pre-coerced
+ * shapes from tests).
+ */
+export function resolveApi(
+  cmd: CommandLike | undefined,
+  localOpts?: Record<string, unknown>,
+): ApiResolution {
+  const localRaw = localOpts?.api;
+  const local = typeof localRaw === "string" && localRaw.trim().length > 0
+    ? localRaw.trim()
+    : (cmd ? readApiOpt(cmd) : undefined);
+  if (local) return { ok: true, api: local, source: "local" };
+
+  let parent: CommandLike | null | undefined = cmd?.parent ?? null;
+  while (parent) {
+    const fromAncestor = readApiOpt(parent);
+    if (fromAncestor) return { ok: true, api: fromAncestor, source: "ancestor" };
+    parent = parent.parent ?? null;
+  }
+
+  const fromCurrent = readCurrentApi();
+  if (fromCurrent) return { ok: true, api: fromCurrent, source: "current" };
+
+  return { ok: false };
+}
+
+/**
+ * Convenience: returns the API name as `string | undefined`. Use this when
+ * the caller decides for itself how to react to "missing" (e.g. `coverage`
+ * falls back to `--spec`, `run` falls back to a positional path).
+ */
+export function getApi(cmd: CommandLike | undefined, localOpts?: Record<string, unknown>): string | undefined {
+  const r = resolveApi(cmd, localOpts);
+  return r.ok ? r.api : undefined;
+}
+
+/** Default error message for commands that strictly require an API. */
+export const MISSING_API_MESSAGE =
+  "--api is required (or set ZOND_API / `zond use <name>`).";

package/src/cli/version.ts

@@ -0,0 +1,8 @@
+import { version } from "../../package.json";
+
+export const VERSION = version;
+
+/** Canonical GitHub repo (owner/name). Single source of truth for any code
+ *  that links to releases, install scripts, or generated artefacts. */
+export const REPO = "kirrosh/zond";
+export const REPO_URL = `https://github.com/${REPO}`;

package/src/core/anti-fp/bootstrap.ts

@@ -0,0 +1,34 @@
+/**
+ * ARV-124: register every shipped anti-FP rule.
+ *
+ * Mirrors `core/probe/bootstrap.ts` — called once at CLI startup so
+ * checks/probes can rely on the registry being populated. Idempotent:
+ * repeated calls are no-ops. Tests should pair `resetAntiFpBootstrap()`
+ * with `reset()` from the registry to start from a clean slate.
+ */
+import { register, reset } from "./registry.ts";
+import { SCHEMATHESIS_RULES } from "./rules/schemathesis/index.ts";
+import { SUBSCRIPTION_GATED_RULES } from "./rules/subscription-gated/index.ts";
+import { BASELINE_ECHO_RULE } from "./rules/baseline-echo.ts";
+
+let bootstrapped = false;
+
+export function bootstrapAntiFp(): void {
+  if (bootstrapped) return;
+  for (const rule of SCHEMATHESIS_RULES) register(rule);
+  // ARV-125: subscription/scope-gated 403 wontfix tail in mass-assignment
+  // baseline summaries.
+  for (const rule of SUBSCRIPTION_GATED_RULES) register(rule);
+  // ARV-126: probe:security baseline-echo FP guard. The
+  // coverage-phase-boundary rule is shared with checks via its
+  // canonical re-export and is already covered by SCHEMATHESIS_RULES.
+  register(BASELINE_ECHO_RULE);
+  bootstrapped = true;
+}
+
+/** Test helper — clears the registry and the bootstrap flag so the
+ *  next call re-registers from scratch. */
+export function resetAntiFpBootstrap(): void {
+  reset();
+  bootstrapped = false;
+}

package/src/core/anti-fp/index.ts

@@ -0,0 +1,33 @@
+/**
+ * ARV-123 (m-19): public surface of the anti-FP registry.
+ *
+ * Callers (checks / probes) interact with a single helper —
+ * `applyAntiFp(ctx, scope)` — which walks every rule registered for
+ * `scope`, returns the first suppression that fires, or null. The
+ * suppression object carries the rule id, the resolved scope, a
+ * human reason, and the upstream references the rule was attributed
+ * to.
+ *
+ * The registry itself is exported for migration tooling (ARV-124..126)
+ * and for tests; production callers should prefer the helper.
+ */
+export type { FpRule, FpScope, FpSuppression } from "./types.ts";
+export { register, get, list, reset, matchesScope } from "./registry.ts";
+
+import { list } from "./registry.ts";
+import type { FpScope, FpSuppression } from "./types.ts";
+
+export function applyAntiFp<Ctx>(ctx: Ctx, scope: FpScope): FpSuppression | null {
+  for (const rule of list(scope)) {
+    const hit = rule.applies(ctx);
+    if (hit) {
+      return {
+        ruleId: hit.ruleId || rule.id,
+        scope,
+        reason: hit.reason,
+        references: hit.references ?? rule.references,
+      };
+    }
+  }
+  return null;
+}

package/src/core/anti-fp/registry.ts

@@ -0,0 +1,44 @@
+/**
+ * ARV-123 (m-19): in-process registry for anti-FP rules.
+ *
+ * Module-level mutable state on purpose — rules are registered at
+ * bootstrap time (similar to `core/probe/bootstrap.ts`) and read by
+ * checks/probes during a run. `reset()` exists for tests; production
+ * code never calls it.
+ */
+import type { FpRule, FpScope, FpSuppression } from "./types.ts";
+
+const rules = new Map<string, FpRule<unknown>>();
+
+/** Register a rule. Re-registering with the same `id` replaces the
+ *  prior entry — this keeps test setups simple (swap in a stub) and
+ *  matches how the probe-bootstrap pattern handles dedup. */
+export function register<Ctx>(rule: FpRule<Ctx>): void {
+  rules.set(rule.id, rule as FpRule<unknown>);
+}
+
+/** Lookup by id. Used mostly by tests and the `list` filter. */
+export function get(id: string): FpRule<unknown> | undefined {
+  return rules.get(id);
+}
+
+/** List rules in registration order. Optional scope filter keeps the
+ *  hot path (checks/probes) from re-implementing the scope-match
+ *  predicate. Pass a `scope` like `"check:positive_data_acceptance"`
+ *  to get only rules that declared that scope. */
+export function list(scope?: FpScope): FpRule<unknown>[] {
+  const all = Array.from(rules.values());
+  if (!scope) return all;
+  return all.filter(r => matchesScope(r, scope));
+}
+
+/** Drop every registered rule. Call only from test setup. */
+export function reset(): void {
+  rules.clear();
+}
+
+export function matchesScope(rule: FpRule<unknown>, scope: FpScope): boolean {
+  if (Array.isArray(rule.scope)) return rule.scope.includes(scope);
+  return rule.scope === scope;
+}
+

package/src/core/anti-fp/rules/baseline-echo.ts

@@ -0,0 +1,74 @@
+/**
+ * ARV-126: baseline-echo FP guard for `probe:security`.
+ *
+ * Context: the live security probe sends a mutated body against a
+ * 2xx-able baseline. When the response body is byte-for-byte identical
+ * to the baseline response — same URL bouncing back unchanged — the
+ * server effectively ignored the mutation. classifyInner currently
+ * lands such findings at `severity: "low"` with the reason "2xx
+ * accepted but no echo observed — verify side-effects manually",
+ * which floods the digest with sites that have nothing to verify.
+ *
+ * This rule consumes a `{responseBody, baselineBody}` context and
+ * fires when the two bodies are deeply equal. The probe consults
+ * `applyAntiFp(ctx, "probe:security")` after classifyInner returns a
+ * low-severity 2xx no-echo finding and, on a hit, downgrades the
+ * finding to OK with the rule's reason as the wontfix banner.
+ *
+ * The deep-equality check is intentionally narrow — referential or
+ * shape-only matches would over-suppress (a generic "ok: true" body
+ * trivially equals across many endpoints). The probe is responsible
+ * for passing the *full* parsed response, not a digest.
+ */
+import type { FpRule } from "../types.ts";
+
+export interface BaselineEchoCtx {
+  /** Parsed response body for the mutated request. */
+  responseBody: unknown;
+  /** Parsed response body for the pre-mutation baseline. May be
+   *  `undefined` when the probe didn't retain a baseline (in which
+   *  case the rule never fires — fail-open). */
+  baselineBody: unknown;
+}
+
+function deepEqual(a: unknown, b: unknown): boolean {
+  if (a === b) return true;
+  if (a === null || b === null) return false;
+  if (typeof a !== typeof b) return false;
+  if (typeof a !== "object") return false;
+  if (Array.isArray(a) !== Array.isArray(b)) return false;
+  if (Array.isArray(a) && Array.isArray(b)) {
+    if (a.length !== b.length) return false;
+    for (let i = 0; i < a.length; i++) {
+      if (!deepEqual(a[i], b[i])) return false;
+    }
+    return true;
+  }
+  const ao = a as Record<string, unknown>;
+  const bo = b as Record<string, unknown>;
+  const keys = Object.keys(ao);
+  if (keys.length !== Object.keys(bo).length) return false;
+  for (const k of keys) {
+    if (!Object.prototype.hasOwnProperty.call(bo, k)) return false;
+    if (!deepEqual(ao[k], bo[k])) return false;
+  }
+  return true;
+}
+
+export const BASELINE_ECHO_RULE: FpRule<BaselineEchoCtx> = {
+  id: "baseline-echo",
+  scope: "probe:security",
+  references: ["ARV-126"],
+  applies(ctx) {
+    if (ctx.baselineBody === undefined) return null;
+    if (!deepEqual(ctx.responseBody, ctx.baselineBody)) return null;
+    return {
+      ruleId: "baseline-echo",
+      scope: "probe:security",
+      reason:
+        "response body identical to the pre-mutation baseline — server " +
+        "ignored the attack payload; no side-effect to verify",
+      references: ["ARV-126"],
+    };
+  },
+};

package/src/core/anti-fp/rules/schemathesis/body_negation_becomes_valid.ts

@@ -0,0 +1,52 @@
+/**
+ * ARV-124: migrated from `src/core/checks/checks/_anti_fp.ts` (guard #1).
+ *
+ * Form-encoded / multipart bodies often *re-validate* after wire
+ * serialisation: empty strings round-trip as missing, dropped optional
+ * fields default at the server, numeric strings coerce. When the
+ * mutation is a drop/empty-string on a form-shaped request, the
+ * negative_data_rejection finding would be a false positive — the
+ * mutation is a no-op on the wire.
+ *
+ * Sources: schemathesis #2482, #2726, #3712.
+ */
+import type { CheckCase } from "../../../checks/types.ts";
+import type { MutationMeta } from "../../../checks/checks/_negative_mutator.ts";
+import type { FpRule } from "../../types.ts";
+
+function getMutation(c: CheckCase): MutationMeta | undefined {
+  const m = c.meta as { mutation?: MutationMeta["mutation"] } | undefined;
+  if (!m || typeof m.mutation !== "string") return undefined;
+  return c.meta as unknown as MutationMeta;
+}
+
+function isFormLike(contentType: string | undefined): boolean {
+  if (!contentType) return false;
+  const ct = contentType.toLowerCase();
+  return (
+    ct.includes("application/x-www-form-urlencoded") ||
+    ct.includes("multipart/form-data")
+  );
+}
+
+export const bodyNegationBecomesValidRule: FpRule<CheckCase> = {
+  id: "_body_negation_becomes_valid_after_serialization",
+  scope: "check:negative_data_rejection",
+  references: ["#2482", "#2726", "#3712"],
+  applies(c) {
+    const m = getMutation(c);
+    if (!m) return null;
+    const ct =
+      c.request.headers["Content-Type"] ?? c.request.headers["content-type"];
+    if (!isFormLike(ct)) return null;
+    if (m.mutation === "drop_required" || m.mutation === "constraint_violation") {
+      return {
+        ruleId: "_body_negation_becomes_valid_after_serialization",
+        scope: "check:negative_data_rejection",
+        reason: `mutation "${m.mutation}" on a ${ct} body re-validates after wire serialisation`,
+        references: ["#2482", "#2726", "#3712"],
+      };
+    }
+    return null;
+  },
+};

package/src/core/anti-fp/rules/schemathesis/coverage_phase_boundary_positive.ts

@@ -0,0 +1,38 @@
+/**
+ * ARV-124: migrated from `src/core/checks/checks/_anti_fp.ts` (guard #4).
+ *
+ * `--phase coverage` enumerates boundary values across the body schema:
+ *   - shortest/longest string, min/max int, every enum option, ...
+ * Those bodies are JSON-Schema-valid but semantically synthetic — they
+ * sit on the contract edge. Real APIs reject them with 422 for reasons
+ * that have nothing to do with the contract:
+ *   - "from" email must be on a verified-sending-domain,
+ *   - "broadcast.from_audience_id" must exist on this tenant,
+ *   - rate-limited resource (a plan_limit).
+ * Treating each one as `positive_data_acceptance` fail floods the
+ * report (171/349 findings on a benchmark run) and drowns real depth
+ * signal. Skip when the case is a coverage-phase positive — keep the
+ * examples-phase positive (one realistic baseline body) as the strict
+ * signal.
+ *
+ * Source: feedback round-03 F20 / ARV-77.
+ */
+import type { CheckCase } from "../../../checks/types.ts";
+import type { FpRule } from "../../types.ts";
+
+export const coveragePhaseBoundaryPositiveRule: FpRule<CheckCase> = {
+  id: "_coverage_phase_boundary_positive",
+  scope: "check:positive_data_acceptance",
+  references: ["ARV-77"],
+  applies(c) {
+    const meta = c.meta as { phase?: string } | undefined;
+    if (!meta || meta.phase !== "coverage") return null;
+    if (c.kind !== "positive") return null;
+    return {
+      ruleId: "_coverage_phase_boundary_positive",
+      scope: "check:positive_data_acceptance",
+      reason:
+        "boundary-positive bodies are synthetic — server may reject for semantic reasons unrelated to the contract",
+    };
+  },
+};

package/src/core/anti-fp/rules/schemathesis/has_unverifiable_mutations.ts

@@ -0,0 +1,35 @@
+/**
+ * ARV-124: migrated from `src/core/checks/checks/_anti_fp.ts` (guard #3).
+ *
+ * Multiple disjoint mutations make accept/reject ambiguous: the server
+ * might accept due to one site even while rejecting another. Our
+ * single-site mutator emits exactly one mutation, so the guard fires
+ * only when callers attach `mutation_count > 1` to `case.meta` — used
+ * by future shrinkers / batched probes.
+ *
+ * Scope covers both data-rejection checks so a multi-site mutation
+ * payload that survives into either side gets suppressed consistently.
+ *
+ * Source: schemathesis #2713.
+ */
+import type { CheckCase } from "../../../checks/types.ts";
+import type { FpRule } from "../../types.ts";
+
+export const hasUnverifiableMutationsRule: FpRule<CheckCase> = {
+  id: "_has_unverifiable_mutations",
+  scope: ["check:negative_data_rejection", "check:positive_data_acceptance"],
+  references: ["#2713"],
+  applies(c) {
+    const meta = c.meta as { mutation_count?: number } | undefined;
+    if (!meta) return null;
+    if (typeof meta.mutation_count === "number" && meta.mutation_count > 1) {
+      return {
+        ruleId: "_has_unverifiable_mutations",
+        scope: "check:negative_data_rejection",
+        reason: `${meta.mutation_count} mutations on disjoint sites — finding can't be attributed`,
+        references: ["#2713"],
+      };
+    }
+    return null;
+  },
+};

package/src/core/anti-fp/rules/schemathesis/index.ts

@@ -0,0 +1,24 @@
+/**
+ * ARV-124: schemathesis-attributed rule bundle. Each export is a
+ * standalone FpRule for testing/introspection; the side-effect-free
+ * list is re-exported as `SCHEMATHESIS_RULES` so the bootstrap can
+ * register them in one batch.
+ */
+import { bodyNegationBecomesValidRule } from "./body_negation_becomes_valid.ts";
+import { coveragePhaseBoundaryPositiveRule } from "./coverage_phase_boundary_positive.ts";
+import { hasUnverifiableMutationsRule } from "./has_unverifiable_mutations.ts";
+import { stringTypeMutationBecomesValidRule } from "./string_type_mutation_becomes_valid.ts";
+
+export {
+  bodyNegationBecomesValidRule,
+  coveragePhaseBoundaryPositiveRule,
+  hasUnverifiableMutationsRule,
+  stringTypeMutationBecomesValidRule,
+};
+
+export const SCHEMATHESIS_RULES = [
+  bodyNegationBecomesValidRule,
+  stringTypeMutationBecomesValidRule,
+  hasUnverifiableMutationsRule,
+  coveragePhaseBoundaryPositiveRule,
+] as const;