Reference
I need to...
| Question | Start here |
|---|---|
| Understand why a rule fired on my code | Rules then Severity Matrix |
| Know what severity/exceptionability applies | Severity Matrix |
| Pick the right decorator for a function | Decorators |
| Understand a taint state like UNKNOWN_GUARDED | Taint States |
| Fix a scan error or warning | Error Messages |
| Consume wardline output in CI | SARIF Format then CLI |
| Configure wardline.yaml or overlays | Manifest |
| Understand which decorator groups are enforced | Supplementary Groups |
| Understand why Wardline is designed this way | Systems Thinking |
| Look up a term I don't recognise | Glossary |
All Reference Documents
Core Concepts
- Taint States — The 8 canonical taint states, authority tiers, and the join lattice
- Severity Matrix — 72-cell lookup: (rule, taint state) to (severity, exceptionability)
- Rules — All rule IDs: canonical pattern rules, supplementary rules, diagnostics, and governance findings
- Glossary — Definitions for terms used in wardline output and documentation
Configuration
- Manifest — Field-by-field reference for wardline.yaml and wardline.overlay.yaml
- Decorators — The 38 wardline decorators organised into 17 groups
- Supplementary Groups — Decorator groups beyond the core authority-tier flow
Output & Integration
- CLI — All commands, subcommands, flags, and exit codes
- SARIF Format — Annotated SARIF v2.1.0 output with every wardline.* property documented
- Error Messages — Common errors by exit code, with causes and fixes
- Governance Retention — Audit retention requirements for SARIF, exception register, and fingerprint baseline