KB-6B8D

Codex FIX7 Recheck 2 - Hardcode and PG Native

Revision 1

09 - Hardcode / PG-First-Native-Driven Recheck

Verdicts

  • HARDCODE_FAIL
  • PG_NATIVE_DRIVEN_FAIL

Remaining disguised hardcode

  1. U_legacy roots/exclusions still depend on unexplained “legacy/QT001/DO_NOT_TOUCH” membership, creating a circular or manually selected denominator.
  2. object_type='LEGACY_*' is a new free-text policy vocabulary in an open text column.
  3. The deterministic computed-disposition classifier has no exact truth table, sealed rule rows, version/source binding, or negative tests. The five operational actions can therefore be driven by policy hidden in CASE expressions or code.
  4. Authorization package scope/hash remains unparsed external artifact content.

PG-native violations

  • No typed PG authority input for package-specific operator authorization.
  • No exact evidence_id binding for rollback source artifacts.
  • Owner-role/superuser reachability is not controlled as a PG guard contract.
  • Active/history rollback still permits clearing activated_at.

Required T1 fix: do not solve schema constraints by moving authority into prose or classifier code. Either bind behavior to existing approved typed manifests/rules, or explicitly route the necessary semantic contracts as a design-owner correction.

knowledge/dev/reports/architecture/codex-fix7-blueprint-recheck-2-after-owner-semantics-patch-2026-06-08/09-hardcode-pg-native-recheck.md