From 9051fe644aea81a9abf7fa37e91bb8d046d835d4 Mon Sep 17 00:00:00 2001 From: tegwick Date: Sun, 26 Apr 2026 14:06:21 +0200 Subject: [PATCH] chore(workplan): add T07 schema migration guard for vocabulary_ref MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit References EP-CAP-003 (custodian capabilities domain) — ensures the ApprovedAbility/ApprovedCapability name fields leave room for a future nullable vocabulary_ref without a painful migration. Guard task only, no schema changes needed now. Co-Authored-By: Claude Sonnet 4.6 --- .../RREG-WP-0002-production-hardening.md | 32 ++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/workplans/RREG-WP-0002-production-hardening.md b/workplans/RREG-WP-0002-production-hardening.md index 4e12e7e..68b9c6b 100644 --- a/workplans/RREG-WP-0002-production-hardening.md +++ b/workplans/RREG-WP-0002-production-hardening.md @@ -24,7 +24,7 @@ are reviewable; approved registry truth is explicit. ```task id: RREG-WP-0002-T01 -status: todo +status: in_progress priority: high state_hub_task_id: "a27142a6-c160-4453-ab59-50a7db92f9c4" ``` @@ -106,3 +106,33 @@ Versioned API path or explicit compatibility policy. Golden OpenAPI snapshot tes schema-diff check. More response examples for discovery and change-review endpoints. Error response schema for common 400/404 cases. Acceptance: breaking changes are deliberate and visible in tests; agent-facing endpoints have stable models. + +## Schema migration guard for vocabulary_ref (EP-CAP-003) + +```task +id: RREG-WP-0002-T07 +status: todo +priority: medium +state_hub_task_id: "6f06d8bb-0ed9-47f1-8b3e-40f725e6ece6" +``` + +Audit the `ApprovedAbility` and `ApprovedCapability` (and `ApprovedFeature`) name +fields to ensure no constraints would make adding a future nullable `vocabulary_ref` +column a painful migration. Specifically verify: + +- No CHECK constraints that assume name is the sole identity of an ability/capability +- No unique indexes on name alone (name + vocabulary_ref will be the future key) +- No foreign keys from other tables pointing at name as a natural key +- `ReviewDecision` records reference row IDs, not name strings + +This is a guard task, not an implementation task — no new columns needed now. The +goal is to confirm the v0.1 schema leaves the door open. Document the finding in +a short ADR note or inline comment. + +Context: EP-CAP-003 (Custodian State Hub, capabilities domain) — capability names +are free-text in v0.1 but will eventually need anchoring to a named vocabulary +version as terminology standardises from local ontology toward domain standard and +commodity specification. EP-CAP-002 documents the related constraint that SBOM +evidence can only corroborate or contradict capability claims, never generate them; +the confidence scoring model will need named evidence factors when SBOM +cross-referencing is added.