Stage 2.6A — Hardcode Inventory + Risk Classification
01 — Hardcode Inventory + Risk Classification (SUPERTRACK A)
Codex's hardcode findings were reproduced against live source (pg_get_functiondef / pg_get_viewdef), not from the old report. The inventory is governed in table qt001_hardcode_inventory with views v_qt001_hardcode_inventory, v_qt001_hardcode_risk_classification, v_qt001_hardcode_no_go_guard.
Findings (11)
| Code | Object | Class | Authority gate | Remediation |
|---|---|---|---|---|
| HC-01 TIER1 fixed list | fn_qt001_refresh_plan_snapshot | DANGEROUS_HARDCODE | yes | SUPERSEDED_BY_REGISTRY (validated-collection + plan registry) |
| HC-02 literal signoff false | v_qt001_apply_readiness_guard_v2 | DANGEROUS_HARDCODE | yes | SUPERSEDED_BY_REGISTRY (signoff registry) |
| HC-03 hardcoded 39-collection UNION | v_birth_qt001_dryrun_result | DANGEROUS_HARDCODE | no | SUPERSEDED_BY_REGISTRY (fn_qt001_plan_all + plan registry) |
| HC-04 double-colon resolver | v_birth_qt001_dryrun_result | DANGEROUS_HARDCODE | no | OPEN_NEXT_LAYER (parity/keyset) |
| HC-05 flawed parity formula | fn_qt001_refresh_plan_snapshot | DANGEROUS_HARDCODE | yes | OPEN_NEXT_LAYER — demoted to signal-only in v3 |
| HC-06 permit template literal tiers | v_qt001_permit_template | DANGEROUS_HARDCODE | no | SUPERSEDED_BY_REGISTRY (tier registry) |
| HC-07 inferred trigger metadata not reconciled | plan strategy metadata | UNKNOWN_BLOCK | no | OPEN_NEXT_LAYER (TG_ARGV scanner) |
| HC-08 delta/count pins (137/5/8/42/129/md5) | multiple guards | TEMPORARY_SENTINEL_OK | no | CLASSIFIED_RETAINED (drift pins only) |
| HC-09 planner discovery from collection_registry | fn_qt001_plan_all | METADATA_DRIVEN_OK | no | NO_ACTION_NEEDED |
| HC-10 false-pass snapshot freshness (count>0) | snapshot guards | DANGEROUS_HARDCODE | yes | SUPERSEDED_BY_REGISTRY (checksum + source_metadata_hash + generated_at) |
| HC-11 conservation-invariant gap | qt001_plan_snapshot parity model | UNKNOWN_BLOCK | no | OPEN_NEXT_LAYER (four-way invariant separation) |
Classification summary
DANGEROUS_HARDCODE 6 · UNKNOWN_BLOCK 2 · TEMPORARY_SENTINEL_OK 1 · METADATA_DRIVEN_OK 1 (HC-09) · plus HC-11 UNKNOWN_BLOCK = 11 total. Nothing left unclassified.
Key reproduction evidence (live)
- HC-01: the snapshot refresh function literally branches
WHEN p.collection_name IN ('dot_domain_rules','apr_approvals','normative_relations','apr_action_types','field_type_equivalences') THEN 'TIER1_CODEX_VALIDATED'. - HC-02:
v_qt001_apply_readiness_guard_v2ends with the VALUES literal('independent_reaudit_signed_off', false). - HC-03/HC-04:
v_birth_qt001_dryrun_resultis a 39-branch UNION ALL whose existence probes usecollection::id(double colon) where the realtime trigger writescollection:id(single colon). - HC-05: the snapshot computes
apply_safe := existing_births = (src_rows - expected_delta - unresolvable)— a conservation-invalid invariant that cannot distinguish conserved history from identity mismatch. - HC-09:
fn_qt001_plan_alliteratescollection_registry WHERE coverage_status='BIRTH_REQUIRED'— genuinely metadata-driven; acceptable.
Completeness guard
v_qt001_hardcode_no_go_guard.pass = true: unclassified = 0, and every dangerous authority-gate hardcode is either superseded now (HC-01, HC-02, HC-10) or explicitly routed to a next layer (HC-05). No dangerous authority gate is left unrouted. The non-authority dangerous items (HC-03 superseded, HC-04 routed) and modeling gaps (HC-07, HC-11) are tracked.
What changed vs what is retained
The old hardcoded objects (snapshot refresh function, dryrun_result, readiness_v2, permit_template) are retained (additive/reversible macro) but are no longer the authority path — the v3 readiness + plan/tier/signoff registries are. HC-03/HC-08 reference views are kept only as drift comparators.