F-003 fix: Sanitize SQL dump for safe dev use

rikrdo
2026-05-25 08:14:34 +02:00
parent 3d41579ad3
commit e6feea5ee6
24 changed files with 483 additions and 1187942 deletions


@@ -0,0 +1,28 @@
{
"feature_id": "F-003",
"agent": "security",
"verdict": "APPROVED",
"summary": "The active tracked SQL baseline no longer contains raw production-like customer or order data. The repo now documents that any private raw snapshot must stay outside git or in ignored local paths.",
"checks": [
"tracked SQL data-risk scan",
"private path and docs review",
"working tree review"
],
"findings": [
{
"severity": "medium",
"title": "Earlier raw snapshot still exists in git history",
"status": "accepted-risk",
"paths": [
"git history before F-003 publish"
]
}
],
"evidence": [
"Tracked SQL file now contains a 6.8K sanitized synthetic baseline",
"Data-risk scan on project/sql/db-25052026.sql returned no customer/order/production URL patterns",
"Reviewed project/sql/README.md and .gitignore entry for project/sql/private/",
"Confirmed current working tree no longer ships raw production-like SQL dump content"
],
"timestamp": "2026-05-25T06:15:00Z"
}
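Review bot: The `findings` entry marks the earlier raw snapshot in git history as `accepted-risk` at `medium` under an `APPROVED` verdict, but nothing in the record says who accepted the risk, why, or when it will be revisited. Sanitizing the tracked file leaves the old dump retrievable by anyone who can clone the repository, so if that snapshot held real customer or order records the exposure is unchanged by this commit; the record should state whether a history rewrite or an access restriction is planned. I would add fields to the finding such as `"accepted_by": "<owner>"` and `"rationale": "<reason and review date>"` (placeholders), and replace the free-text `paths` value with the actual file path of the earlier dump. The `evidence` line for the data-risk scan would also be easier to re-verify if it named the scanner and the pattern set used.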