Authority P1 Hardening — 07 Regression Guard + Teeth
07 — Regression Guard + Teeth
Two layers
- Live-derived def guard
v_authority_p1_regression_guard— introspects the actual function bodies and lifecycle in production, so it FAILS the moment any fix is reverted. This is the machine-visible regression sentinel with real teeth. - Rehearsal evidence ledger
v_authority_p1_teeth_tests— records the runtime outcomes of the BEGIN..ROLLBACK rehearsal (proof the live engine actually enforces, not just that the code text matches).
v_authority_p1_regression_guard (all PASS, live)
| Test | Asserts | Severity |
|---|---|---|
| T1_add_insert_stays_pending | fn_auto_approve_add does not set status=approved at INSERT | P0 |
| T2_pending_to_approved_requires_quorum | quorum_check enforces president<1 and council<2 raises | P0 |
| T3_approved_to_applied_requires_reproof | apply guard calls quorum_passed before null-action early-return | P1 |
| T4_scanner_cannot_autoapply_without_quorum | auto_apply_approval gates on quorum_passed | P1 |
| T5_rejected_terminal_cannot_apply | lifecycle marks applied/rejected/expired terminal | P0 |
| T6_ai_cannot_satisfy_president_vote_approve_gate | quorum_check president = human AND ILIKE %president% | P0 |
| T7_ai_cannot_satisfy_president_vote_apply_reproof | quorum_passed president identity rule | P0 |
| T8_p0_bypass_sentinel_failclosed | containment marker present in fn_auto_approve_add | P0 |
All 8 blocking assertions PASS. The macro's eight required teeth map onto these: (1) add stays pending → T1; (2) pending→approved requires quorum → T2; (3) approved→applied requires re-proof → T3; (4) scanner cannot auto-apply without allowlist/quorum → T4; (5) rejected/terminal cannot apply → T5; (6) AI cannot satisfy president vote → T6/T7; (7) historical ratification cannot fake vote → enforced by T6/T7 (president identity cannot be an ai_council row) plus the no-fake-vote safety invariant (apr_approvals=42); (8) P0 bypass sentinel remains fail-closed → T8.
v_authority_p1_teeth_tests (rehearsal results)
TEST1 PASS, TEST2 PASS, TEST3 GAP-CONFIRMED (pre-fix), TEST4 PASS, TEST5 PASS, TEST6 PASS, TEST7 PASS. Plus committed-state LIVE-NEG (blocked) and LIVE-POS (applies) after COMMIT.
Cross-guard flips (prior-session guards now green by design)
v_authority_quorum_regression_guard.scanner_autoapply_quorum_gated: was the known-open P1; now PASS (auto_apply_approval contains quorum_passed).v_authority_lifecycle_failclosed_guard.apply_quorum_reproof_present: was hard-coded false; refreshed to live-derived and now PASS + blocking.
Aggregate
0 blocking guard failures across all six guard families (p0_contained, apply_nogo, scanner_nogo, p1_regression, lifecycle_failclosed, quorum_regression). The regression guard will trip (turn false) if anyone reverts either function patch — that is its teeth.