Follow-up to #233. The vendored packages bring two new Prisma schemas:
packages/monitoring-db/prisma/schema.prismapackages/s-ingest-core/prisma/schema.prisma
checkin's pre-commit hook (.husky/pre-commit → checkin-app/scripts/security-generator.js) regenerates security classifications from schema and blocks commits when a model/field lacks its /// @sensitivity annotation. The vendored schemas were authored in Inventory and do not carry checkin's annotations.
#233 was committed with --no-verify to land the vendor drop; the hook failure there was the un-installed worktree, but these schemas will still need annotating once they are part of the build.
Work
Best done as part of (or right after) the monorepo wire-up issue, once the schemas are actually generated under this repo.
Follow-up to #233. The vendored packages bring two new Prisma schemas:
packages/monitoring-db/prisma/schema.prismapackages/s-ingest-core/prisma/schema.prismacheckin's pre-commit hook (
.husky/pre-commit→checkin-app/scripts/security-generator.js) regenerates security classifications from schema and blocks commits when a model/field lacks its/// @sensitivityannotation. The vendored schemas were authored in Inventory and do not carry checkin's annotations.Work
/// @sensitivityannotations to every model/field in both vendored schemas, per checkin's classification scheme.npx prisma generatein the relevant workspace(s) and stage the regenerated security output.Best done as part of (or right after) the monorepo wire-up issue, once the schemas are actually generated under this repo.