memento-mori-jester 0.1.72 → 0.1.74

package/CHANGELOG.md

@@ -4,6 +4,18 @@ All notable changes to Memento Mori Jester are tracked here.
 
 ## Unreleased
 
+## 0.1.74
+
+- Added six API quiet-pass fixtures, growing the corpus to 208 fixtures.
+- Strengthened safe near-miss evidence for schema parsing, query-builder filters, enabled rate limiting, read-only Prisma migration diffs, signed-webhook docs, and OpenAPI schema docs.
+- Refreshed demo, roadmap, fixture docs, and release notes for the API curation batch.
+
+## 0.1.73
+
+- Added six web and AI quiet-pass fixtures, growing the corpus to 202 fixtures.
+- Strengthened safe near-miss evidence for safe text rendering, allowlisted target paths, public analytics IDs, model-check commands, tool allowlist checks, and public model-name config.
+- Refreshed demo, roadmap, fixture docs, and release notes for the web/AI curation batch.
+
 ## 0.1.72
 
 - Added six Python and security quiet-pass fixtures, growing the corpus to 196 fixtures.

package/ROADMAP.md

@@ -6,6 +6,8 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 
 ## Recently Shipped
 
+- API fixture curation in v0.1.74, adding six quiet-pass examples for schema parsing, query-builder filters, enabled rate limiting, read-only Prisma migration diffs, signed-webhook docs, and OpenAPI schema docs.
+- Web/AI fixture curation in v0.1.73, adding six quiet-pass examples for safe text rendering, allowlisted target paths, public analytics IDs, model-check commands, tool allowlist checks, and public model-name config.
 - Python/security fixture curation in v0.1.72, adding six quiet-pass examples for Bandit, pip-audit, coverage/pytest, Trivy, npm audit, and TLS verification-enabled diffs.
 - Node preset fixture curation in v0.1.71, adding six quiet-pass examples for npm audit/outdated/ci, development-mode Node commands, package export maps, and workspace test scripts, plus a repo-local X demo video asset.
 - Infra preset fixture curation in v0.1.70, adding six quiet-pass operational examples for read-only Kubernetes, Docker, Terraform linting, and public-IP hardening changes.
@@ -61,7 +63,7 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 
 ## Product Ideas
 
-- Collect real-world reports for the next lowest-count preset slices: web, AI, API, then python.
+- Collect real-world reports for the next lowest-count preset slices: python, security, web, then AI.
 - Add more framework-specific false-positive examples from real reports so tuning guidance keeps getting sharper.
 - Add a Markdown export for fixture reports so maintainers can paste coverage snapshots into issues or release notes.
 

package/docs/DEMO.md

@@ -192,8 +192,8 @@ Project config: none loaded
 Fixture tuning evidence:
 Support: limited
 Confidence: medium
-Total fixtures checked: 196
-Weighted fixtures checked: 377.9
+Total fixtures checked: 208
+Weighted fixtures checked: 399.2
 Matching fixtures: 11
 Weighted matches: 23
 Expected-match weight: 18
@@ -202,7 +202,7 @@ Edge-case matches: 0
 Quiet-pass fixtures: 5
 Quiet-pass weight: 3.6
 By kind: command 0, plan 5, diff 5, final 1
-Fixture coverage: 11/196 (6.1% weighted)
+Fixture coverage: 11/208 (5.8% weighted)
 By verdict: pass 0, caution 3, block 8
 Matched fixture samples:
   infra-public-ingress-block: Public ingress should block in low-risk-tolerance infra repos.
@@ -353,7 +353,7 @@ Preset packs:
 
 ## 13. Review Fixtures
 
-The fixture suite in `examples/fixtures/preset-review-cases.json` captures small real-usage examples with expected `pass`, `caution`, or `block` verdicts. It also includes matched-pass examples for low-severity rules, quiet-pass `absentRuleIds` examples that prove noisy rules stay silent for safe near-misses, stack-specific coverage for every built-in preset, quiet-pass boundaries across built-in, structural, custom, and preset/config-derived rules, second firing examples for preset blocked-command rules, second examples for AI/API, framework custom, built-in, and configured sensitive-domain rules, AI tool-dispatch examples with safe allowlist/schema boundaries, and real-world low-count preset examples across node, python, web, infra, AI, and security slices. Recent quiet-pass examples cover typechecks, prebuild scripts, mypy, dataclass parsing, CodeQL, Dependabot limits, form validation, accessibility copy, read-only Kubernetes inspection, Docker disk usage, Terraform linting, public-IP hardening changes, npm audit/outdated/ci, development-mode Node commands, package export maps, workspace test scripts, Bandit, pip-audit, coverage/pytest, Trivy filesystem scans, npm audit, and TLS verification-enabled diffs. These examples are run by `npm test`, so preset tuning changes stay visible.
+The fixture suite in `examples/fixtures/preset-review-cases.json` captures small real-usage examples with expected `pass`, `caution`, or `block` verdicts. It also includes matched-pass examples for low-severity rules, quiet-pass `absentRuleIds` examples that prove noisy rules stay silent for safe near-misses, stack-specific coverage for every built-in preset, quiet-pass boundaries across built-in, structural, custom, and preset/config-derived rules, second firing examples for preset blocked-command rules, second examples for AI/API, framework custom, built-in, and configured sensitive-domain rules, AI tool-dispatch examples with safe allowlist/schema boundaries, and real-world low-count preset examples across node, python, web, infra, AI, and security slices. Recent quiet-pass examples cover typechecks, prebuild scripts, mypy, dataclass parsing, CodeQL, Dependabot limits, form validation, accessibility copy, read-only Kubernetes inspection, Docker disk usage, Terraform linting, public-IP hardening changes, npm audit/outdated/ci, development-mode Node commands, package export maps, workspace test scripts, Bandit, pip-audit, coverage/pytest, Trivy filesystem scans, npm audit, TLS verification-enabled diffs, safe text rendering, allowlisted target paths, public analytics IDs, model-check commands, tool allowlist checks, public model-name config, API schema parsing, query-builder filters, enabled rate limiting, read-only Prisma migration diffs, signed-webhook docs, and OpenAPI schema docs. These examples are run by `npm test`, so preset tuning changes stay visible.
 
 Maintainers can run `npm run fixtures:report` to see coverage by verdict, kind, preset, rule family, and preset slice. The report also includes a `Curation next` section that points at the next useful fixture batch, such as thin rules, feasible pass-case evidence, rule-family gaps, or lower-count presets.
 

package/docs/RELEASE_NOTES_v0.1.73.md

@@ -0,0 +1,38 @@
+# Memento Mori Jester v0.1.73
+
+This release follows the fixture report's web/AI curation guidance. It adds practical quiet-pass examples only; review behavior is unchanged.
+
+## What Changed
+
+- Added 6 fixture cases, growing the corpus from 196 to 202 fixtures.
+- Added web quiet-pass examples for:
+  - safe `textContent` rendering.
+  - allowlisted target path selection.
+  - public analytics identifiers.
+- Added AI quiet-pass examples for:
+  - model-check commands.
+  - tool allowlist checks.
+  - public model-name config.
+- Raised the web and AI preset slices from 15 to 18 fixtures each.
+- Kept thin rule coverage, quiet-pass gaps, feasible pass-case gaps, and preset/kind gaps at zero.
+
+## Public Interface
+
+- No CLI command changes.
+- No config schema changes.
+- No rule matching, scoring, or verdict behavior changes.
+- No MCP, playground, GitHub Action, or npm publishing changes.
+
+## Release Validation
+
+```powershell
+npm.cmd test
+npm.cmd run demo:svg:check
+npm.cmd run fixtures:report
+npm.cmd run fixtures:report -- --json
+npm.cmd run pack:dry
+git diff --check
+node .\dist\cli.js tune coverage --no-config
+node .\dist\cli.js tune risky-domain --json --no-config
+git diff | node .\dist\cli.js diff --fail-on block --subject "v0.1.73 web and AI quiet-pass curation"
+```

package/docs/RELEASE_NOTES_v0.1.74.md

@@ -0,0 +1,37 @@
+# Memento Mori Jester v0.1.74
+
+This release follows the fixture report's API curation guidance. It adds practical quiet-pass examples only; review behavior is unchanged.
+
+## What Changed
+
+- Added 6 fixture cases, growing the corpus from 202 to 208 fixtures.
+- Added API quiet-pass examples for:
+  - schema parsing request bodies.
+  - query-builder filters with validated IDs.
+  - enabled rate limiting.
+  - read-only Prisma migration diffs.
+  - signed-webhook documentation.
+  - OpenAPI schema documentation.
+- Raised the API preset slice from 16 to 22 fixtures.
+- Kept thin rule coverage, quiet-pass gaps, feasible pass-case gaps, and preset/kind gaps at zero.
+
+## Public Interface
+
+- No CLI command changes.
+- No config schema changes.
+- No rule matching, scoring, or verdict behavior changes.
+- No MCP, playground, GitHub Action, or npm publishing changes.
+
+## Release Validation
+
+```powershell
+npm.cmd test
+npm.cmd run demo:svg:check
+npm.cmd run fixtures:report
+npm.cmd run fixtures:report -- --json
+npm.cmd run pack:dry
+git diff --check
+node .\dist\cli.js tune coverage --no-config
+node .\dist\cli.js tune risky-domain --json --no-config
+git diff | node .\dist\cli.js diff --fail-on block --subject "v0.1.74 API quiet-pass curation"
+```

package/examples/fixtures/README.md

@@ -27,6 +27,8 @@ Maintainer triage guidance lives in [docs/MAINTAINER_TRIAGE.md](../../docs/MAINT
 - Quiet-pass examples for read-only Kubernetes inspection, Docker disk usage, Terraform linting, and public-IP hardening changes.
 - Quiet-pass examples for npm audit/outdated/ci, development-mode Node commands, package export maps, and workspace test scripts.
 - Quiet-pass examples for Bandit, pip-audit, coverage/pytest, Trivy filesystem scans, npm audit, and TLS verification-enabled diffs.
+- Quiet-pass examples for safe text rendering, allowlisted target paths, public analytics IDs, model-check commands, tool allowlist checks, and public model-name config.
+- Quiet-pass examples for API schema parsing, query-builder filters, enabled rate limiting, read-only Prisma migration diffs, signed-webhook docs, and OpenAPI schema docs.
 - Fixture metadata like `weight` and `edgeCase` to support precision-weighted tuning evidence.
 
 ## Local Check

package/examples/fixtures/preset-review-cases.json

@@ -2572,5 +2572,170 @@
     "absentRuleIds": [
       "custom-insecure-tls-disabled"
     ]
+  },
+  {
+    "id": "web-textcontent-render-diff-pass",
+    "preset": "web",
+    "kind": "diff",
+    "description": "TextContent rendering should stay quiet around unsafe HTML injection checks.",
+    "content": "diff --git a/src/render.ts b/src/render.ts\n--- a/src/render.ts\n+++ b/src/render.ts\n@@ -1 +1,2 @@\n+element.textContent = displayMessage;\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-web-unsafe-html-injection",
+      "configured-sensitive-domain-dangerouslysetinnerhtml",
+      "configured-sensitive-domain-innerhtml"
+    ]
+  },
+  {
+    "id": "web-allowlisted-target-path-diff-pass",
+    "preset": "web",
+    "kind": "diff",
+    "description": "Allowlisted target paths should not look like open redirect-shaped changes.",
+    "content": "diff --git a/src/navigation.ts b/src/navigation.ts\n--- a/src/navigation.ts\n+++ b/src/navigation.ts\n@@ -1 +1,2 @@\n+const targetPath = allowedPaths.has(candidatePath) ? candidatePath : \"/dashboard\";\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-web-open-redirect-shape"
+    ]
+  },
+  {
+    "id": "web-public-analytics-env-command-pass",
+    "preset": "web",
+    "kind": "command",
+    "description": "Public analytics identifiers should not trip frontend secret-name checks.",
+    "content": "echo NEXT_PUBLIC_ANALYTICS_ID",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-web-public-secret-name"
+    ]
+  },
+  {
+    "id": "ai-model-check-command-pass",
+    "preset": "ai",
+    "kind": "command",
+    "description": "Model behavior check commands should not look like skipped AI safety checks.",
+    "content": "npm run model-checks -- --scenario safe-tool-routing",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-ai-evals-skipped"
+    ]
+  },
+  {
+    "id": "ai-tool-allowlist-command-pass",
+    "preset": "ai",
+    "kind": "command",
+    "description": "Tool allowlist checks should not trip user-controlled tool dispatch rules.",
+    "content": "node scripts/check-tool-allowlist.mjs",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-ai-user-controlled-tool-dispatch"
+    ]
+  },
+  {
+    "id": "ai-public-model-env-diff-pass",
+    "preset": "ai",
+    "kind": "diff",
+    "description": "Public model-name config should not be mistaken for client-exposed provider keys.",
+    "content": "diff --git a/src/config.ts b/src/config.ts\n--- a/src/config.ts\n+++ b/src/config.ts\n@@ -1 +1,2 @@\n+export const NEXT_PUBLIC_OPENAI_MODEL = \"gpt-4.1-mini\";\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-ai-public-provider-key",
+      "secret-material"
+    ]
+  },
+  {
+    "id": "api-schema-parse-diff-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Schema parsing request bodies should stay quiet around raw SQL and auth-bypass checks.",
+    "content": "diff --git a/src/routes/users.ts b/src/routes/users.ts\n--- a/src/routes/users.ts\n+++ b/src/routes/users.ts\n@@ -1 +1,2 @@\n+const input = CreateUserSchema.parse(req.body);\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-auth-bypass",
+      "custom-api-raw-sql-user-input"
+    ]
+  },
+  {
+    "id": "api-query-builder-diff-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Query-builder filters with validated identifiers should not trip raw request SQL checks.",
+    "content": "diff --git a/src/routes/users.ts b/src/routes/users.ts\n--- a/src/routes/users.ts\n+++ b/src/routes/users.ts\n@@ -1 +1,2 @@\n+const user = await db.user.findUnique({ where: { id: validatedUserId } });\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-raw-sql-user-input"
+    ]
+  },
+  {
+    "id": "api-rate-limit-enabled-diff-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Enabled API throttles should not look like rate-limit disabling.",
+    "content": "diff --git a/src/middleware/limits.ts b/src/middleware/limits.ts\n--- a/src/middleware/limits.ts\n+++ b/src/middleware/limits.ts\n@@ -1 +1,2 @@\n+export const apiLimiter = rateLimit({ windowMs: 60000, max: 100 });\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-rate-limit-disabled",
+      "configured-sensitive-domain-rate-limit"
+    ]
+  },
+  {
+    "id": "api-prisma-migrate-diff-command-pass",
+    "preset": "api",
+    "kind": "command",
+    "description": "Read-only Prisma migration diff commands should not be mistaken for destructive resets.",
+    "content": "prisma migrate diff --from-empty --to-schema-datamodel prisma/schema.prisma --script",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "blocked-command-prisma-migrate-reset-force",
+      "custom-api-destructive-migration"
+    ]
+  },
+  {
+    "id": "api-webhook-signature-docs-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Docs about requiring signed webhooks should stay quiet around disabled-webhook checks.",
+    "content": "diff --git a/docs/WEBHOOKS.md b/docs/WEBHOOKS.md\n--- a/docs/WEBHOOKS.md\n+++ b/docs/WEBHOOKS.md\n@@ -1 +1,2 @@\n+Require provider webhook signature verification before accepting event payloads.\n",
+    "expectedVerdict": "pass",
+    "edgeCase": true,
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-webhook-signature-disabled",
+      "configured-sensitive-domain-webhook"
+    ]
+  },
+  {
+    "id": "api-openapi-schema-docs-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Docs about OpenAPI schema validation should not trip broad API sensitive-domain noise.",
+    "content": "diff --git a/docs/API_SCHEMA.md b/docs/API_SCHEMA.md\n--- a/docs/API_SCHEMA.md\n+++ b/docs/API_SCHEMA.md\n@@ -1 +1,2 @@\n+Document OpenAPI request schemas and validation examples for client integrations.\n",
+    "expectedVerdict": "pass",
+    "edgeCase": true,
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "configured-sensitive-domain-openapi"
+    ]
   }
 ]

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "memento-mori-jester",
-  "version": "0.1.72",
+  "version": "0.1.74",
   "description": "A local court-jester sidecar for AI coding agents: review plans, commands, diffs, and final claims before they get too pleased with themselves.",
   "type": "module",
   "repository": {