pqcheck 0.16.22 → 0.16.23

package/README.md

@@ -8,7 +8,7 @@
 [![npm downloads](https://img.shields.io/npm/dm/pqcheck.svg?style=flat-square&color=06b6d4)](https://www.npmjs.com/package/pqcheck)
 [![license](https://img.shields.io/npm/l/pqcheck.svg?style=flat-square&color=06b6d4)](./LICENSE)
 
-> **Latest: v0.16.22** — Drift gates, posture advises. Default `ship_decision` reverts to drift-only (the right per-deploy regression gate); posture grade is surfaced as a one-line advisory + ready-to-paste fix snippets, NOT as an auto-block. A site that's been D-posture for months hasn't regressed on today's deploy; gating it every time trains people to ignore the gate. Once your site reaches A/B posture, pass `--strict-posture` as the "lock it in, prevent backsliding" gate. New `ship_decision_drift` / `ship_decision_posture` / `ship_decision_mode` fields make both signals visible. [Full changelog →](./CHANGELOG.md)
+> **Latest: v0.16.23** — Closes the silent-no-op flag class. `--strict` now aliases `--strict-posture` in scan / deploy-check / trust-diff (audit caught the typo silently degrading to drift-only). And unknown flags now reject loudly with a closest-match suggestion + non-zero exit — `--stict-posture` (typo) → `error: did you mean --strict-posture?` instead of silently no-op'ing. Same principle applied to ourselves that Cipherwake exists to enforce for customers: a security tool can never silently proceed with weaker behaviour on an unrecognized signal. [Full changelog →](./CHANGELOG.md)
 
 ## Two ways to use it
 

package/bin/pqcheck.js

@@ -248,6 +248,14 @@ async function main() {
     }
   }
 
+  // R86.7 — reject unknown flags loudly. Catches typo'd safety-critical
+  // flags like `--strict` (was intended --strict-posture) that previously
+  // silently no-op'd, leaving customers with a false sense of security.
+  const unknown = assertKnownFlags(args, "pqcheck <domain>");
+  if (unknown) {
+    process.exit(3);
+  }
+
   const positional = args.filter((a) => !a.startsWith("-") && !isFlagValue(args, a));
   const domains = [...positional, ...fileDomains]
     .map((a) => normalizeDomain(a))
@@ -295,7 +303,13 @@ async function main() {
   // absolute posture grade into ship_decision. Recommended ONLY after a
   // site reaches A/B posture — opting in earlier produces cry-wolf gating
   // on every deploy since most AI-coded sites grade D/F out of the box.
-  const strictPosture = args.includes("--strict-posture");
+  // Accept both `--strict-posture` (explicit) and `--strict` (short alias).
+  // Audit caught a footgun where customers typed `--strict` expecting the
+  // posture gate to fire and got silent drift-only mode instead. The
+  // `onboard` subcommand uses `--strict` for a different purpose (gate exit
+  // code on step failure) but that's a separate command — the alias is
+  // scoped to scan / deploy-check / trust-diff only.
+  const strictPosture = args.includes("--strict-posture") || args.includes("--strict");
 
   // One-shot scan(s)
   let worstExit = 0;
@@ -747,6 +761,100 @@ function parseAiMode(args) {
   return args.includes("--ai") || args.includes("--agent");
 }
 
+// R86.7 (2026-06-04) — close the "silent no-op on unrecognized flag" class
+// of footguns. Audit caught --strict (intended --strict-posture) silently
+// degrading to drift-only mode without warning — the user believed they had
+// the hard posture gate on. Same family as false-green pins: looks like it's
+// doing something, silently isn't. The fix: validate every --foo token in
+// args against a known-flags whitelist and reject loudly on unknown flags
+// with a closest-match suggestion. For a security gate, "unknown flag →
+// silently proceed with weaker behaviour" must never happen.
+//
+// Scope: universal whitelist applied at scan / deploy-check / trust-diff /
+// preview-diff entry points. False acceptance of cross-command flags (e.g.
+// passing --preview to deploy-check) is the SAME failure mode as today
+// (silent ignore) — typo detection is the win. Per-command whitelists
+// would be more correct but the universal list covers the audit footgun.
+const KNOWN_FLAGS = new Set([
+  // Global / output mode
+  "--ai", "--agent", "--verbose", "--quiet", "--help", "--version", "--debug-network",
+  // Multi-domain
+  "--file", "--watch",
+  // Scan behaviour
+  "--fresh", "--force", "--threshold", "--webhook", "--json", "--csv", "--markdown",
+  "--sarif", "--gh-action", "--multi", "--lock", "--explain", "--plan", "--stdout",
+  // Posture gating (the audit catch)
+  "--strict", "--strict-posture",
+  // Format / output format
+  "--format",
+  // Trust-diff / deploy-check / preview-diff
+  "--baseline", "--fail-on", "--fail-on-new", "--guards", "--compare-transport",
+  "--write-baseline", "--preview", "--production",
+  // Setup / onboard / install consent
+  "--auto", "--manual", "--yes", "--no-open", "--domain", "--invoked-by",
+  "--consent-phrase", "--scope",
+  "--skip-checklist", "--skip-hook", "--skip-protocol", "--skip-scan",
+  "--skip-statusline", "--skip-vendors", "--skip-vscode", "--skip-workflow",
+]);
+
+function levenshtein(a, b) {
+  if (a === b) return 0;
+  const m = a.length, n = b.length;
+  if (m === 0) return n;
+  if (n === 0) return m;
+  const row = new Array(m + 1);
+  for (let i = 0; i <= m; i++) row[i] = i;
+  for (let j = 1; j <= n; j++) {
+    let prev = row[0];
+    row[0] = j;
+    for (let i = 1; i <= m; i++) {
+      const tmp = row[i];
+      row[i] = a[i - 1] === b[j - 1]
+        ? prev
+        : 1 + Math.min(prev, row[i], row[i - 1]);
+      prev = tmp;
+    }
+  }
+  return row[m];
+}
+
+function suggestFlag(unknown) {
+  let best = null, bestDist = Infinity;
+  for (const known of KNOWN_FLAGS) {
+    const d = levenshtein(unknown, known);
+    if (d < bestDist) { bestDist = d; best = known; }
+  }
+  // Only suggest if reasonably close (≤ 3 edits or ≤ half the unknown's length)
+  const threshold = Math.max(3, Math.floor(unknown.length / 2));
+  return bestDist <= threshold ? best : null;
+}
+
+function assertKnownFlags(args, cmdName) {
+  const unknown = [];
+  for (const tok of args) {
+    if (typeof tok !== "string" || !tok.startsWith("--") || tok === "--") continue;
+    // Strip `--foo=bar` → `--foo` so equals-value forms validate against the bare flag
+    const flag = tok.includes("=") ? tok.slice(0, tok.indexOf("=")) : tok;
+    if (!KNOWN_FLAGS.has(flag)) unknown.push(flag);
+  }
+  if (unknown.length === 0) return null;
+  // Emit error to stderr with closest-match suggestion, return non-null
+  // sentinel so the caller can exit non-zero. We do NOT process.exit here
+  // because the AI-mode caller needs to emit a structured guard block
+  // before exiting (so AI agents parsing the block don't see a missing
+  // CIPHERWAKE_AI_GUARD_RESULT and fall through to a different error path).
+  for (const u of unknown) {
+    const sug = suggestFlag(u);
+    process.stderr.write(color("red", `error: unknown flag ${u} for ${cmdName}\n`));
+    if (sug) {
+      process.stderr.write(color("yellow", `       did you mean ${sug}?\n`));
+    } else {
+      process.stderr.write(color("dim", `       run \`npx pqcheck --help\` for the flag list.\n`));
+    }
+  }
+  return unknown;
+}
+
 function severityRank(s) {
   const map = { critical: 4, high: 3, medium: 2, low: 1, info: 0, none: -1 };
   return map[String(s || "none").toLowerCase()] ?? 0;
@@ -3365,10 +3473,16 @@ async function runScanBasedDeployCheck(domain, args) {
 }
 
 async function runTrustDiffCommand(args) {
+  // R86.7 — reject unknown flags before any other parsing. Same rationale
+  // as the bare-scan path: typo'd safety-critical flags must fail loud,
+  // not silently degrade.
+  if (assertKnownFlags(args, "pqcheck trust-diff")) {
+    process.exit(3);
+  }
   const positional = args.filter((a) => !a.startsWith("-") && !isFlagValue(args, a));
   if (positional.length === 0) {
     console.error(color("red", "error: pqcheck trust-diff requires a domain"));
-    console.error(color("dim", "Usage: npx pqcheck trust-diff <domain> [--baseline last-week] [--fail-on high] [--format pretty|json|sarif|github]"));
+    console.error(color("dim", "Usage: npx pqcheck trust-diff <domain> [--baseline last-week] [--fail-on high] [--format pretty|json|sarif|github] [--strict-posture]"));
     process.exit(3);
   }
   const domain = normalizeDomain(positional[0]);
@@ -3384,7 +3498,13 @@ async function runTrustDiffCommand(args) {
   // is drift-only (per-deploy regression gate); --strict-posture opts into
   // worst-of(drift, posture). Recommended only after a site reaches A/B
   // posture to lock that in.
-  const strictPosture = args.includes("--strict-posture");
+  // Accept both `--strict-posture` (explicit) and `--strict` (short alias).
+  // Audit caught a footgun where customers typed `--strict` expecting the
+  // posture gate to fire and got silent drift-only mode instead. The
+  // `onboard` subcommand uses `--strict` for a different purpose (gate exit
+  // code on step failure) but that's a separate command — the alias is
+  // scoped to scan / deploy-check / trust-diff only.
+  const strictPosture = args.includes("--strict-posture") || args.includes("--strict");
 
   // Build headers conditionally — Authorization is set ONLY if the user has
   // an API key. Without it, the server's applyRepoQuota falls through to the
@@ -3881,6 +4001,11 @@ async function runGuardsRunCommand(args) {
 }
 
 async function runPreviewDiffCommand(args) {
+  // R86.7 — reject unknown flags before parsing. Closes the silent-no-op
+  // class of footguns for the preview-diff command too.
+  if (assertKnownFlags(args, "pqcheck preview-diff")) {
+    process.exit(3);
+  }
   const previewUrl = parseFlag(args, "--preview");
   const productionUrl = parseFlag(args, "--production");
   if (!previewUrl || !productionUrl) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pqcheck",
-  "version": "0.16.22",
+  "version": "0.16.23",
   "description": "Deploy gate for AI-coded web apps. `pqcheck deploy-check --ai` returns ship_decision=pass|review|block for Claude Code / Cursor / Copilot / Aider to gate deploys before they ship. Anonymous, no signup, free for first use.",
   "keywords": [
     "ai-coder",