F-003 fix: Sanitize SQL dump for safe dev use
This commit is contained in:
25
work/artifacts/F-003/architect.md
Normal file
25
work/artifacts/F-003/architect.md
Normal file
@@ -0,0 +1,25 @@
|
||||
# Architect Artefact — Feature: F-003
|
||||
|
||||
## SDD Changes
|
||||
- Added `spec/sdd/decisions/003-replace-raw-sql-with-sanitized-dev-baseline.md`
|
||||
- Extended product, tech, and acceptance specs for F-003
|
||||
- Will update development baseline component doc to reflect sanitized synthetic dataset
|
||||
|
||||
## BDD Coverage
|
||||
- Added `spec/bdd/features/data/sanitized-sql-baseline.feature`
|
||||
- Coverage target:
|
||||
- tracked SQL baseline is sanitized
|
||||
- private local data handling is documented
|
||||
|
||||
## Technical decisions
|
||||
- Keep the current tracked SQL path for compatibility.
|
||||
- Replace raw snapshot content with a small sanitized baseline.
|
||||
- Seed only the tables and sample data needed by the legacy PHP module.
|
||||
|
||||
## Risks found
|
||||
- Raw dump still exists in git history from earlier commits.
|
||||
- Synthetic baseline may not cover every future workflow without more fixtures.
|
||||
|
||||
## Next step
|
||||
- Replace tracked SQL file content with safe synthetic baseline.
|
||||
- Add SQL handling docs and ignored path guidance.
|
||||
19
work/artifacts/F-003/documenter.md
Normal file
19
work/artifacts/F-003/documenter.md
Normal file
@@ -0,0 +1,19 @@
|
||||
# Documenter Artefact — Feature: F-003
|
||||
|
||||
## What changed
|
||||
- Replaced the tracked SQL baseline with a sanitized development dump.
|
||||
- Added SQL handling docs at `project/sql/README.md`.
|
||||
- Added ignored private SQL path guidance in `.gitignore`.
|
||||
- Updated SDD, ADR, and BDD trace for safe SQL handling.
|
||||
|
||||
## Important files
|
||||
- `project/sql/db-25052026.sql`
|
||||
- `project/sql/README.md`
|
||||
- `spec/sdd/components/development-data-baseline.md`
|
||||
- `spec/sdd/decisions/003-replace-raw-sql-with-sanitized-dev-baseline.md`
|
||||
- `spec/bdd/features/data/sanitized-sql-baseline.feature`
|
||||
|
||||
## Notes
|
||||
- The current tracked tree uses only synthetic SQL seed data for module development.
|
||||
- Any private raw dump must stay outside git or under ignored local paths.
|
||||
- Full purge of earlier raw SQL from git history would be separate work if required.
|
||||
32
work/artifacts/F-003/implementer.md
Normal file
32
work/artifacts/F-003/implementer.md
Normal file
@@ -0,0 +1,32 @@
|
||||
# Implementer Artefact — Feature: F-003
|
||||
|
||||
## Summary
|
||||
Replaced the tracked raw SQL snapshot with a small sanitized development baseline.
|
||||
Kept the same tracked SQL path for compatibility.
|
||||
Added docs for safe local SQL handling and private raw dump storage outside git.
|
||||
|
||||
## Changes
|
||||
- replaced `project/sql/db-25052026.sql` content with sanitized schema and synthetic seed data
|
||||
- added `project/sql/README.md`
|
||||
- updated `.gitignore` with ignored private SQL path
|
||||
- updated `project/README.md`
|
||||
- updated design docs for development baseline
|
||||
|
||||
## Evidence
|
||||
- tracked SQL file size changed from about `229M` to `6.8K`
|
||||
- data risk scan on tracked SQL file found no customer/order/production URL patterns
|
||||
- sanitized SQL baseline contains `11` table definitions
|
||||
- sanitized SQL baseline contains `10` seed insert blocks
|
||||
- `./scripts/verify.sh` -> OK
|
||||
|
||||
## Checks run
|
||||
- `ls -lh project/sql/db-25052026.sql`
|
||||
- `head -n 40 project/sql/db-25052026.sql`
|
||||
- `rg -n "(@|CLIENTE|order_id=|mercadodevida\.es|stripe|hotmail|gmail|phone=|oo6478022A|admin_natural)" project/sql/db-25052026.sql`
|
||||
- `python3` table and insert count check on `project/sql/db-25052026.sql`
|
||||
- `./scripts/verify.sh`
|
||||
|
||||
## Notes
|
||||
- Current tracked tree is safe for local module work.
|
||||
- Earlier raw dump still exists in git history from past commits and would need history rewrite if full purge is required.
|
||||
- Private raw snapshots should stay outside git or under ignored local paths only.
|
||||
14
work/artifacts/F-003/leader-close.json
Normal file
14
work/artifacts/F-003/leader-close.json
Normal file
@@ -0,0 +1,14 @@
|
||||
{
|
||||
"feature_id": "F-003",
|
||||
"agent": "leader",
|
||||
"verdict": "APPROVED",
|
||||
"summary": "All required non-leader gates are approved for F-003. The active tracked SQL baseline is sanitized, documented, and verified.",
|
||||
"evidence": [
|
||||
"Reviewed work/artifacts/F-003/reviewer.json -> APPROVED",
|
||||
"Reviewed work/artifacts/F-003/security.json -> APPROVED",
|
||||
"Reviewed work/artifacts/F-003/qa.json -> APPROVED",
|
||||
"Reviewed work/artifacts/F-003/documenter.md",
|
||||
"Ran ./scripts/verify.sh -> OK"
|
||||
],
|
||||
"timestamp": "2026-05-25T06:16:00Z"
|
||||
}
|
||||
11
work/artifacts/F-003/publish.json
Normal file
11
work/artifacts/F-003/publish.json
Normal file
@@ -0,0 +1,11 @@
|
||||
{
|
||||
"agent": "leader",
|
||||
"verdict": "PUBLISHED",
|
||||
"feature_id": "F-003",
|
||||
"branch": "main",
|
||||
"remote": "origin",
|
||||
"message": "F-003 fix: Sanitize SQL dump for safe dev use",
|
||||
"pushed": true,
|
||||
"published_at": "2026-05-25T06:14:34Z",
|
||||
"note": "This artifact is committed inside the publish commit for this ticket."
|
||||
}
|
||||
21
work/artifacts/F-003/qa.json
Normal file
21
work/artifacts/F-003/qa.json
Normal file
@@ -0,0 +1,21 @@
|
||||
{
|
||||
"feature_id": "F-003",
|
||||
"agent": "qa",
|
||||
"verdict": "APPROVED",
|
||||
"summary": "Acceptance for safe SQL baseline is satisfied. The tracked SQL file is sanitized, docs exist, local development path remains documented, and harness verification is green.",
|
||||
"traceability": [
|
||||
"AC: Repo no longer stores the raw production-like SQL dump as active baseline -> tracked SQL file content replaced with synthetic baseline",
|
||||
"AC: Tracked SQL baseline contains only safe synthetic or non-sensitive data -> risk scan returned no customer/order/production patterns",
|
||||
"AC: Safe local data handling is documented -> project/sql/README.md and .gitignore private path guidance exist",
|
||||
"AC: Local development remains possible -> sanitized SQL includes module schema and synthetic seed data for 11 tables",
|
||||
"AC: verify.sh is green -> ./scripts/verify.sh passed after changes"
|
||||
],
|
||||
"evidence": [
|
||||
"Reviewed spec/bdd/features/data/sanitized-sql-baseline.feature",
|
||||
"Reviewed project/sql/db-25052026.sql",
|
||||
"Reviewed project/sql/README.md",
|
||||
"Reviewed work/artifacts/F-003/implementer.md",
|
||||
"Checked verify output is OK"
|
||||
],
|
||||
"timestamp": "2026-05-25T06:15:00Z"
|
||||
}
|
||||
13
work/artifacts/F-003/reviewer.json
Normal file
13
work/artifacts/F-003/reviewer.json
Normal file
@@ -0,0 +1,13 @@
|
||||
{
|
||||
"feature_id": "F-003",
|
||||
"agent": "reviewer",
|
||||
"verdict": "APPROVED",
|
||||
"summary": "SQL baseline strategy is coherent. The tracked SQL file now targets local module needs with a focused schema and synthetic seed data, and docs explain private raw dump handling.",
|
||||
"evidence": [
|
||||
"Reviewed project/sql/db-25052026.sql",
|
||||
"Reviewed project/sql/README.md",
|
||||
"Reviewed spec/sdd/decisions/003-replace-raw-sql-with-sanitized-dev-baseline.md",
|
||||
"Reviewed work/artifacts/F-003/implementer.md"
|
||||
],
|
||||
"timestamp": "2026-05-25T06:15:00Z"
|
||||
}
|
||||
28
work/artifacts/F-003/security.json
Normal file
28
work/artifacts/F-003/security.json
Normal file
@@ -0,0 +1,28 @@
|
||||
{
|
||||
"feature_id": "F-003",
|
||||
"agent": "security",
|
||||
"verdict": "APPROVED",
|
||||
"summary": "The active tracked SQL baseline no longer contains raw production-like customer or order data. The repo now documents that any private raw snapshot must stay outside git or in ignored local paths.",
|
||||
"checks": [
|
||||
"tracked SQL data-risk scan",
|
||||
"private path and docs review",
|
||||
"working tree review"
|
||||
],
|
||||
"findings": [
|
||||
{
|
||||
"severity": "medium",
|
||||
"title": "Earlier raw snapshot still exists in git history",
|
||||
"status": "accepted-risk",
|
||||
"paths": [
|
||||
"git history before F-003 publish"
|
||||
]
|
||||
}
|
||||
],
|
||||
"evidence": [
|
||||
"Tracked SQL file now contains a 6.8K sanitized synthetic baseline",
|
||||
"Data-risk scan on project/sql/db-25052026.sql returned no customer/order/production URL patterns",
|
||||
"Reviewed project/sql/README.md and .gitignore entry for project/sql/private/",
|
||||
"Confirmed current working tree no longer ships raw production-like SQL dump content"
|
||||
],
|
||||
"timestamp": "2026-05-25T06:15:00Z"
|
||||
}
|
||||
Reference in New Issue
Block a user