migrate / verify
01 — The shadow gate
A throwaway database that takes the hit first.
verify runs 4 internal stages against a parallel Postgres database: connect and reset, apply pending migrations, introspect the result, diff against your declared schema. Production stays untouched — no advisory lock, no persisted audit rows.
Reset, apply, introspect, diff. In that order.
- connect + resetConnect to the configured shadowAdapter and run the optional resetShadow hook (usually DROP SCHEMA public CASCADE).
- apply on shadowRun every pending migration against the shadow DB. Destructive ops allowed here; this copy is disposable.
- introspectRead the shadow's live structure back into a SchemaGraph — the actual result of your migrations.
- diff vs declaredDiff the introspected graph against your declared schema. Empty diff = ok; anything else is drift.
Production stays locked while the shadow runs the full sequence. The report lands in stdout — CI scripts branch on the verdict, not on thrown exceptions.
Pick the cheapest that gives you isolation.
Two Postgres containers on different ports. Reset between verifies. Cheapest local setup.
Each verdict has a next step.
okdriftapply-failedshadow-unreachableOne honest caveat about drift. Introspection can't always represent a type or default identically to how you wrote it — so a clean migration can occasionally surface a false-positive drift line. Proof suite finding: residual createTable + dropTable (representation gap) on matching plans; real drift still reports ok: false.
The gate is one stage. See the rest.
Shadow verify slots between plan and apply. Here's where the surrounding stages go deeper.
Lifecycle, in depth
Generate, plan, verify, apply, audit — every flag, every output, every artifact path.
/migrate/lifecycleRisk model
6 levels, 21 reason codes, 7 gates, 31 op kinds. The full classifier.
/migrate/riskRecovery
5 artifact kinds, the bookkeeping table, the 7-verb recover CLI.
/migrate/recoverAudit + history
5 Postgres tables track every migration, step, snapshot, and artifact.
/migrate/auditelsewhere