stemedb/applications/aphoria/dogfood/dbpool/scan-results-v3.json

{
  "claim_verification": [
    {
      "claim_id": "aphoria-no-unwrap-001",
      "concept_path": "aphoria/production/error_handling",
      "explanation": "No matching observation found",
      "invariant": "Production code MUST NOT use unwrap() or expect()",
      "verdict": "MISSING"
    },
    {
      "claim_id": "aphoria-bridge-tier-001",
      "concept_path": "aphoria/bridge/tier_assignment",
      "explanation": "Expected observation to be present, but none found",
      "invariant": "Observation-to-assertion bridge MUST assign Community tier by default",
      "verdict": "MISSING"
    },
    {
      "claim_id": "aphoria-lifecycle-skip-001",
      "concept_path": "aphoria/bridge/lifecycle",
      "explanation": "Expected observation to be present, but none found",
      "invariant": "Observations bypass Pending lifecycle stage",
      "verdict": "MISSING"
    },
    {
      "claim_id": "aphoria-tls-verify-001",
      "concept_path": "aphoria/tls/cert_verification",
      "explanation": "Forbidden value not found (as expected)",
      "invariant": "TLS certificate verification MUST NOT be disabled in production code",
      "verdict": "PASS"
    },
    {
      "claim_id": "aphoria-no-tokio-core-001",
      "concept_path": "stemedb_core/imports/tokio",
      "explanation": "Forbidden value not found (as expected)",
      "invariant": "stemedb-core MUST NOT import tokio to prevent runtime coupling",
      "verdict": "PASS"
    },
    {
      "claim_id": "aphoria-no-md5-001",
      "concept_path": "aphoria/crypto/hashing/algorithm",
      "explanation": "No observations found (no contradiction)",
      "invariant": "MD5 MUST NOT be used for hashing in any security context",
      "verdict": "PASS"
    },
    {
      "claim_id": "aphoria-no-wildcard-cors-001",
      "concept_path": "aphoria/cors/allow_origin",
      "explanation": "Forbidden value not found (as expected)",
      "invariant": "CORS MUST NOT use wildcard (*) origin in production services",
      "verdict": "PASS"
    },
    {
      "claim_id": "aphoria-jwt-audience-001",
      "concept_path": "aphoria/jwt/audience_validation",
      "explanation": "Forbidden value not found (as expected)",
      "invariant": "JWT audience validation MUST NOT be disabled",
      "verdict": "PASS"
    },
    {
      "claim_id": "aphoria-hsts-enabled-001",
      "concept_path": "aphoria/security_headers/hsts",
      "explanation": "Forbidden value not found (as expected)",
      "invariant": "HSTS header MUST NOT be disabled on HTTPS-serving endpoints",
      "verdict": "PASS"
    },
    {
      "claim_id": "aphoria-no-hardcoded-secrets-001",
      "concept_path": "aphoria/secrets/api_key",
      "explanation": "Forbidden value not found (as expected)",
      "invariant": "API keys MUST NOT be hardcoded in source files",
      "verdict": "PASS"
    },
    {
      "claim_id": "dbpool-max-conn-required-001",
      "concept_path": "dbpool/config/max_connections",
      "explanation": "No matching observation found",
      "invariant": "max_connections MUST be a required field, not Optional",
      "verdict": "MISSING"
    },
    {
      "claim_id": "dbpool-plaintext-pwd-001",
      "concept_path": "dbpool/config/connection_string",
      "explanation": "No matching observation found",
      "invariant": "Connection strings MUST NOT contain plaintext passwords",
      "verdict": "MISSING"
    },
    {
      "claim_id": "dbpool-max-lifetime-required-001",
      "concept_path": "dbpool/config/max_lifetime",
      "explanation": "No matching observation found",
      "invariant": "max_lifetime MUST be a required field, not Optional",
      "verdict": "MISSING"
    },
    {
      "claim_id": "dbpool-conn-timeout-max-001",
      "concept_path": "dbpool/config/connection_timeout",
      "explanation": "No matching observation found",
      "invariant": "connection_timeout MUST NOT exceed 30 seconds",
      "verdict": "MISSING"
    },
    {
      "claim_id": "dbpool-min-conn-minimum-001",
      "concept_path": "dbpool/config/min_connections",
      "explanation": "No matching observation found",
      "invariant": "min_connections MUST be at least 2",
      "verdict": "MISSING"
    },
    {
      "claim_id": "dbpool-validation-required-001",
      "concept_path": "dbpool/config/validate_on_checkout",
      "explanation": "No matching observation found",
      "invariant": "validate_on_checkout MUST be enabled",
      "verdict": "MISSING"
    },
    {
      "claim_id": "dbpool-metrics-recommended-001",
      "concept_path": "dbpool/config/enable_metrics",
      "explanation": "No matching observation found",
      "invariant": "Metrics collection SHOULD be enabled for production deployments",
      "verdict": "MISSING"
    }
  ],
  "conflicts": [],
  "deprecated_usages": [],
  "drifts": [],
  "project": "dbpool",
  "scan_id": "scan-1770691052368",
  "strict": false,
  "summary": {
    "acks": 0,
    "authority_conflicts": 0,
    "blocks": 0,
    "claims_conflict": 0,
    "claims_missing": 10,
    "claims_pass": 7,
    "claims_total": 17,
    "claims_unclaimed": 21,
    "deprecated_usages": 0,
    "drifts": 0,
    "files_scanned": 9,
    "flags": 0,
    "observations_extracted": 22,
    "observations_recorded": 0,
    "passes": 0
  }
}