# SCRIMED Deployment Drift Guard

Status: deployment-drift-guard-active-no-secret-route-alignment
Default target: https://app.scrimedsolutions.com
Decision: block-external-promotion-until-target-and-repo-match
Guarded routes: 6

## Boundary
SCRIMED Deployment Drift Guard is a no-secret, synthetic-and-metadata-only release control. It compares source-known route expectations with a target deployment before buyer, investor, or operator promotion. It does not deploy code, commit source, apply migrations, expose PHI, authorize clinical care, approve payer submission, write to EHRs, certify compliance, or approve customer go-live.

## Guard Routes
- /scrimed-market-execution: expect 200; owner Revenue Operations + Release Steward; signal A 404 means the live target is behind the current repository build and should not be used as evidence for this capability.
- /enterprise-healthcare-infrastructure: expect 200; owner Interoperability + Security + Release Steward; signal A 404 means the live target is behind the current hospital-infrastructure readiness build and should not be used for buyer, investor, or implementation proof.
- /scrimed-cyber-defense: expect 200; owner Security Lead + Release Steward; signal A missing or stale route weakens buyer security diligence and should block external security-readiness claims.
- /scrimed-intelligence-platform: expect 200; owner Platform Product + Release Steward; signal A missing route means the public deployment cannot support investor or buyer diligence for this architecture layer.
- /release-continuity: expect 200; owner Release Steward; signal A missing route means operators lose the source-to-production checkpoint before promotion or buyer proof release.
- /api/deployment-drift-guard: expect 200; owner Release Steward + Platform Engineering; signal A 404 means the target deployment predates the drift guard and should be treated as stale until redeployed.

## Runbook
- Validate source contract: npm run contract:deployment-drift-guard. Success: Guard constants, routes, docs, scripts, and safety boundaries are present. Failure: Fix source registration before build, deploy, or buyer proof references.
- Validate local rebuilt app: SCRIMED_BASE_URL=http://127.0.0.1:3048 npm run smoke:deployment-drift-guard. Success: Local production server serves every guarded route with expected status codes. Failure: Fix local route, API, or build break before any production deploy.
- Validate production target: SCRIMED_BASE_URL=https://app.scrimedsolutions.com npm run smoke:deployment-drift-guard. Success: Production target matches the guarded source route set. Failure: Treat as deployment drift, deploy the reviewed release candidate, then rerun public and drift smoke.
- Block external promotion on drift: npm run smoke:public. Success: Public smoke and drift guard both pass against the intended target. Failure: Do not use stale routes in buyer demos, investor packets, launch claims, or diligence packets.

## NO-GO Boundaries
- no live PHI
- no autonomous clinical care, diagnosis, treatment, prescribing, or final imaging interpretation
- no payer submission, claim submission, patient outreach, or EHR writeback
- no production connector approval, customer go-live approval, or public certification claim
- no raw secrets, bearer tokens, Supabase service keys, credentials, or connector payloads in logs
- no deploy, commit, migration apply, rollback, or infrastructure mutation authority from this route

## Exact Commands
- npm run contract:deployment-drift-guard
- npm run typecheck
- npm run lint
- npm run test:nonsecret
- npm run build
- SCRIMED_BASE_URL=http://127.0.0.1:3048 npm run smoke:deployment-drift-guard
- SCRIMED_BASE_URL=https://app.scrimedsolutions.com npm run smoke:deployment-drift-guard
- SCRIMED_BASE_URL=https://app.scrimedsolutions.com npm run smoke:public