Registry — Always-on debt
<!-- Registry of always-on debt across the monorepo.
Tracks components and code paths that violate one or more clauses of policies/always-on.kmd and have been granted temporary exemption (e.g., pre-policy components catalogued for future refactor, intentional divergence pending owner ratification, transitional state during a rollout that takes >1 release to converge).
This file is the always-on counterpart of registries/self-hosted-pairs.md (for self-hosted-first.kmd) and the planned registries/multi-tenant-debt.md (for multi-tenant-by-default.kmd).
Policy: ..policiesalways-on.kmd -->
This registry agglomerates every known violation of policies/always-on.kmd that has been granted temporary exemption. AI sessions consulting always-on read this file (not the policy text) to know what is in debt and why.
Status (2026-05-24): Registry initialised. Policy
always-on.kmdratified on 2026-05-24. Pre-policy components are not retrofitted automatically — they are catalogued here as violations are discovered (via audits, incident reviews, or AI scans). Each entry must declare which clause is violated, the owner-ratified exemption reason, and the convergence plan.
Conventions
Each row catalogues one violation:
| Field | Meaning |
|---|---|
| Component | domain/area/sector (matches koder.toml path) |
| Clause | The specific R-rule violated (R1.1, R3.2, etc.) |
| Violation | One-line description of the gap |
| Exemption reason | Why the violation is tolerated (pre-policy / transitional / ratified divergence) |
| Owner ratified | Date of explicit owner approval, or pre-policy |
| Convergence plan | What closes the debt, with ticket reference when applicable |
| ETA | Best-known target date for closure (or open) |
Severity follows policies/always-on.kmd § Gate de release:
- error — would block release if violated by a new commit
- warning — advisory; release proceeds with debt entry
Active debt
No entries recorded yet. The first violation discovered after 2026-05-24 (via audit, incident, or PR review) will be appended here with full provenance.
| # | Component | Clause | Severity | Violation | Exemption reason | Owner ratified | Convergence plan | ETA |
|---|
Closed debt (archive)
Once a debt entry is resolved (component refactored or ratified divergence formalised in policy), move it to this section with the closing commit SHA.
| # | Component | Clause | Closed on | Closing commit / PR | Notes |
|---|
How to add an entry
- Open a PR adding the row to Active debt with all fields populated.
- Reference the discovery context (audit run, incident post-mortem, PR thread).
- Owner reviews exemption reason and ratifies in the PR thread; set the "Owner ratified" date to the ratification date, not the discovery date.
- If the violation is not exemptable, the PR introducing the violation is blocked — fix the violation instead of adding the entry.
How to close an entry
- Land the convergence commit / PR.
- In a separate PR, move the row from Active debt to Closed debt (archive) with the closing commit SHA.
- Update affected component's
koder.toml [compat]block if window calibration changed.
Related registries
self-hosted-pairs.md—[self_hosted]blocks across the monorepocomponent-names.md— canonical names; cross-checked bykoder-spec-audit namingkoder-id-auth-coverage.md— auth conformance per surfacekoder-hub-coverage.md— Hub publication state per component- (planned)
multi-tenant-debt.md— exemptions tomulti-tenant-by-default.kmd