feat: FEAT-129 Crisis Analytics Dashboard (Supabase-direct v1: views + runbook)#134
Merged
Merged
Conversation
…+ runbook) Re-scoped from PostHog-native to Supabase-direct after INFRA-214 routed the crisis_detected event to Supabase analytics_events (GDPR vital-interests basis; PostHog legally cannot carry crisis data). v1 = operator-only aggregate views + founder runbook; automated alerting deferred to a follow-up. - schema.sql §6b + migration 20260605000000: crisis_detection_daily / _volume_daily / _liveness views over crisis_detected. PII-free (bucketed counts; never selects user_id/session_id), operator-only (not granted to authenticated/ anon). No k-anon suppression (DPIA v1.2 drops the claim; a safety monitor must not hide the first/rare crisis). severity='undefined' rows surfaced, not filtered (makes the inline-Q9 emit bug visible instead of laundering it). - docs/development/crisis-analytics-runbook.md: post-release liveness check (active synthetic-detection assertion, not a bare count), drift scan, monthly compliance export, three-store latency split (Sentry/Supabase/PostHog), honest privacy posture. Crisis + compliance specialist sign-off. Follow-ups: automated alerting infra; fix inline-Q9 emit (String(undefined) -> real severity_bucket/assessment_type). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…crisis-analytics-dashboard
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes FEAT-129
Operator-only crisis-safety observability over the
crisis_detectedevent that INFRA-214 routes into Supabaseanalytics_events(vital-interests basis). Re-scoped v1 = Supabase-direct (PostHog-native path superseded by INFRA-214's routing decision). Backend + docs only — no app code ships.What's included
schema.sql§6b + migration20260605000000_crisis_analytics_views.sql):crisis_detection_daily— per-day mix bytrigger_type×severity_bucket×assessment_type, withintervention_surfacedcount.crisis_detection_volume_daily— per-day volume (COUNT(*) authoritative + secondarydistinct_sessions).crisis_detection_liveness— total +last_detection_atfor the post-release liveness check.docs/development/crisis-analytics-runbook.md— the <5-min post-release confidence check: synthetic-detection liveness assertion, drift scan, monthly PII-free export, three-store latency split.Privacy (compliance sign-off)
PII-free by construction: bucketed counts only, never
user_id/session_id(the lonesession_iduse isCOUNT(DISTINCT …), a cardinality), neverSELECT *. Operator-only (not granted to authenticated/anon). k-anonymity NOT claimed (per DPIA v1.2); no low-count suppression (a safety monitor must not hide the first/rare crisis).severity_bucket='undefined'rows are surfaced, not filtered — they made the inline-Q9 emit bug visible (now fixed in DEBUG-218).Notes
a3ed368; crisis + compliance sign-off per the work item.🤖 Generated with Claude Code