pg-data-integrity-achieves-defense-in-depth
OUT derived (depth 3)
PgApi's data integrity achieves defense-in-depth through both application-level enforcement (write-time referential validation and outlist-aware dependent queries spanning antecedent and outlist references) and comprehensive input validation at all system boundaries, but full defense-in-depth requires database-level foreign key constraints to provide a second independent enforcement layer
Summary
The system currently checks data correctness at the application level in two ways: it validates references when writing data and queries dependencies when reading. It also validates inputs at every boundary. However, this claim is marked as unsupported because true defense-in-depth would require the database itself to independently enforce these same rules through foreign key constraints, providing a safety net if the application-level checks ever fail or are bypassed.
Justifications
SL — Application-level integrity enforcement combined with comprehensive boundary validation provides one defense layer; adding FK constraints would complete the defense-in-depth pattern with a second database-level layer
Antecedents (all must be IN):
- pgapi-enforces-referential-integrity-bidirectionally — PgApi enforces referential integrity in both directions: write-time validation checks all antecedent and outlist IDs exist before inserting justifications, while read-time dependent discovery queries both antecedent and outlist JSONB containment to find all affected nodes.
- input-validation-is-comprehensive-at-all-boundaries — Input validation is enforced at every system boundary through complementary mechanisms: typed exceptions (ValueError for duplicates, PermissionError for access violations) enforce API-level preconditions at the call boundary, while defense-in-depth reference validation (import normalization dropping unknown refs, nogood filtering skipping invalid nodes, hallucinated ID rejection) catches invalid node references at every data-acceptance boundary.
Unless (any of these IN defeats this justification):
- pg-antecedent-refs-have-no-fk-constraints — Antecedent and outlist references in `rms_justifications` are JSONB arrays without foreign key constraints; nonexistent referenced nodes default to truth value OUT via `truth_cache.get(a, "OUT")`.