P9 Trigger Guard DROP Repair Log - 2026-04-28 RUN2

Scope: patch public.fn_evt_trigger_guard_drop() on directus and incomex_metadata. Executor: Claude Code via SSH contabo. Execution role: workflow_admin for mutation and smoke. Excluded: no Gate B/C, no TAC data mutation, no seed, no roles/permissions, no DDL guard modification, no trigger_guard_alerts schema change.

Verdict

PASS.

Both DBs patched and smoke-tested successfully. DROP TRIGGER no longer crashes; audit rows were inserted with non-null trigger_name and actual_enabled=false; event triggers remain enabled; smoke tables/functions/triggers were cleaned up.

3 cau Tuyen ngon

1. Vinh vien: DROP guard now uses object_identity fallback instead of nullable object_name.
2. Nham duoc khong: INSERT is schema-qualified and function search_path is locked to pg_catalog, public.
3. 100% tu dong: precheck, mutation, smoke, residue check, and post-verify ran on VPS with captured output.

Secret Hygiene

SECRET_SCAN_CLEAN

Raw Evidence

# RUN manual phases 2026-04-28T12:00:47+02:00

## PRECHECK directus
current_user=directus current_database=directus
workflow_admin login verified on directus
workflow_admin is function owner/superuser/member: true
fn_evt_trigger_guard: owner=workflow_admin security_definer=false proconfig={search_path=pg_catalog, public}
fn_evt_trigger_guard_drop: owner=workflow_admin security_definer=false proconfig=NULL source_md5=bff624d16bdcf11538500c6d7194f553
Event triggers: evt_trigger_guard_ddl=O, evt_trigger_guard_drop=O
Smoke table leftovers: 0

## PRECHECK incomex_metadata
current_user=directus current_database=incomex_metadata
workflow_admin login verified on incomex_metadata
workflow_admin is function owner/superuser/member: true
fn_evt_trigger_guard: owner=workflow_admin security_definer=true proconfig={search_path=pg_catalog, public}
fn_evt_trigger_guard_drop: owner=workflow_admin security_definer=false proconfig=NULL source_md5=bff624d16bdcf11538500c6d7194f553
Event triggers: evt_trigger_guard_ddl=O, evt_trigger_guard_drop=O
Smoke table leftovers: 0

## MUTATION directus SECURITY INVOKER
BEGIN
CREATE FUNCTION
ALTER FUNCTION
COMMIT

## SMOKE directus
smoke_table=tg_drop_smoke_directus_20260428120120
smoke_function=fn_tg_drop_smoke_directus_20260428120120
smoke_trigger=trg_tg_drop_smoke_directus_20260428120120
BEGIN
CREATE TABLE
CREATE FUNCTION
CREATE TRIGGER
DROP TRIGGER
DROP FUNCTION
DROP TABLE
COMMIT
Audit rows:
- id=145 trigger_name="trg_tg_drop_smoke_directus_20260428120120 on public.tg_drop_smoke_directus_20260428120120" table_name=public expected=true actual=false
- id=144 trigger_name="trg_tg_drop_smoke_directus_20260428120120 on public.tg_drop_smoke_directus_20260428120120" table_name=unknown expected=true actual=true
Smoke table leftovers: 0

## POSTVERIFY directus
fn_evt_trigger_guard_drop owner=workflow_admin security_definer=false proconfig={search_path=pg_catalog, public}
uses_object_identity=true schema_qualified=true has_coalesce=true
Event triggers: evt_trigger_guard_ddl=O, evt_trigger_guard_drop=O

## MUTATION incomex_metadata SECURITY DEFINER
BEGIN
CREATE FUNCTION
ALTER FUNCTION
COMMIT

## SMOKE incomex_metadata
smoke_table=tg_drop_smoke_incomex_metadata_20260428120207
smoke_function=fn_tg_drop_smoke_incomex_metadata_20260428120207
smoke_trigger=trg_tg_drop_smoke_incomex_metadata_20260428120207
BEGIN
CREATE TABLE
CREATE FUNCTION
CREATE TRIGGER
DROP TRIGGER
DROP FUNCTION
DROP TABLE
COMMIT
Audit rows:
- id=8 trigger_name="trg_tg_drop_smoke_incomex_metadata_20260428120207 on public.tg_drop_smoke_incomex_metadata_20260428120207" table_name=public expected=true actual=false
- id=7 trigger_name="trg_tg_drop_smoke_incomex_metadata_20260428120207 on public.tg_drop_smoke_incomex_metadata_20260428120207" table_name=unknown expected=true actual=true
Smoke table leftovers: 0

## POSTVERIFY incomex_metadata
fn_evt_trigger_guard_drop owner=workflow_admin security_definer=true proconfig={search_path=pg_catalog, public}
uses_object_identity=true schema_qualified=true has_coalesce=true
Event triggers: evt_trigger_guard_ddl=O, evt_trigger_guard_drop=O

## OVERALL_PASS

Per-DB Result

• directus: PASS. DROP guard remains SECURITY INVOKER; search_path=pg_catalog, public; smoke audit row id 145 (actual_enabled=false); residue count 0.
• incomex_metadata: PASS. DROP guard is now SECURITY DEFINER; search_path=pg_catalog, public; smoke audit row id 8 (actual_enabled=false); residue count 0.

Stop Point

STOP after repair log upload. No Gate B/C executed.