Gate-escape archive
Per Section 17.3.10, this directory holds one entry per gate escape: a Sev 0 / 1 / 2 incident traceable to a missed CI gate.
The archive is what makes the gates-as-review model sustainable. The model assumes that gates are strong enough that any MR which passes them is safe to merge. That assumption is only honest if every escape becomes a permanent improvement to the gate set.
When to write an entry
A gate-escape entry is required when:
- A Sev 0 / 1 / 2 incident occurred (per Section 17.6 once locked).
- Root-cause analysis identifies a gate (CI check, lint rule, test, type check, security scan, etc.) that should have caught the underlying defect but did not.
- The gate either does not exist, or exists but missed the case.
If the incident's root cause is operational (e.g., capacity, third-party outage) and not a code defect, no gate-escape entry is required - the postmortem captures it.
Procedure
- Open the incident postmortem (
docs/postmortems/YYYY-MM-DD-<slug>.md) per Section 17.6. - In the postmortem's "Action items" section, identify which actions are gate-strengthening.
- Create a gate-escape entry at
docs/standards/gate-escapes/YYYY-MM-DD-<slug>.mdsummarizing:- The defect that shipped
- The gate that missed it (or the gate that should exist)
- The fix to the gate (new check, strengthened threshold, new test)
- A regression test that would now catch this defect
- Cross-reference to the postmortem
- Update this index.
Entry template
# Gate escape: <short title>
- **Date:** YYYY-MM-DD
- **Incident severity:** Sev 0 | Sev 1 | Sev 2
- **Postmortem:** [`docs/postmortems/YYYY-MM-DD-<slug>.md`](../../postmortems/YYYY-MM-DD-<slug>.md)
- **Domain:** <domain from Section 17.1>
## What shipped
<2-3 sentences describing the defect>
## Gate that missed
<Which gate(s) from Section 17.3.2 should have caught this. If no gate
exists for this category, say so explicitly.>
## Gate fix
<What changed: a new gate added, a threshold tightened, a new lint rule, a
new test pattern, etc. Include MR link.>
## Regression test
<Pointer to the test that now covers this case. The test must fail without
the fix and pass with it.>
Quarterly review
Per Section 17.2.10 Layer 3, all entries in this archive are reviewed quarterly. The review looks for:
- Repeat patterns (same gate category missing repeatedly)
- Gate categories that consistently miss (signal that the gate is structurally weak)
- Gates that fire often but mostly false-positive (signal that the gate is too aggressive and may be ignored)
If a category recurs, the gate set is restructured rather than patched.
Index
| Date | Severity | Title | Gate fix |
|---|---|---|---|
| (no entries yet) |