chore: MAINT-226 ratify audit follow-up decisions (cert pinning, auth model, crisis 15β19, fail-safe breaker)#139
Merged
Conversation
β¦ model, crisis 15β19, fail-safe breaker) Decision spike (T0b, risk rank #1 enabler). No application code changes β adds the decision record that gates downstream tranches T2/T12/T13. - C/SEC-03 cert pinning: remove false pin_validation_success claim now; defer real pinning - D/SEC-09 auth: anonymous-session (signInAnonymously + auth.uid RLS); the live finding is that current_setting('app.device_id') is never set β RLS effectively unenforced - E/TEST-07: PHQ-9 15β19 must emit a distinct support tier; consolidate detectCrisis - F/SEC-07: crisis breaker non-breakable + fail-safe toward support (kills isCrisis:false default) Signed off by security, compliance, crisis, philosopher; ratified by owner. π€ Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes MAINT-226
Decision spike (T0b, risk rank #1 enabler) from the 2026-06-06 multi-dimension audit of
development. No application code changes β adds the decision recorddocs/development/audits/MAINT-226-audit-followup-decisions-2026-06-06.mdthat gates downstream tranches T2/T12/T13.Four decisions, specialist-signed (security, compliance, crisis, philosopher) and owner-ratified:
pin_validation_successclaim now (no TLS pinning is actually performed); defer real pinning. Not a launch blocker. β T2signInAnonymously+auth.uid()RLS); reject device-attestation. Live finding:current_setting('app.device_id')is never set β RLS effectively unenforced. β T12detectCrisisonly fires at β₯20, a test pins the bug); consolidate to one source of truth. β T13{isCrisis:false}default). β T13π€ Generated with Claude Code