<code/constitution>

Incident timeline

Every customer-facing incident published within 72 hours of closure. Detection time, root cause, remediation, customer- impact assessment in plain English. We publish what we would want to read.

Disclosure policy

  • Customer notification within 24 hours of detection.
  • Public log entry within 72 hours of closure.
  • Full post-mortem within 5 business days for P1/P2.
  • All entries mirrored to the WORM audit trail.
CC-INC-2026-001P3resolved

codeconstitution.com DNS records absent on new zone

Opened 2026-05-17 10:49 UTC
Closed 2026-05-17 11:15 UTC
Summary

Zone b13823ff… added to Cloudflare without DNS records for apex / www / api / email. Every surface returned curl exit 6 (DNS_FAIL). The probe surface incorrectly reported these as HTTP 600 due to a stderr-merging bug.

Customer impact

Customer-facing only insofar as the public surface didn't resolve. No customer data affected; the GitHub App is still in early-access waitlist. Resolved before any external installs.

Root cause

Two layers: (1) probe bug — `curl -sS … 2>&1 | tr -dc '0-9' | head -c 3` synthesised a fake HTTP 600 from the curl-error-6 + http-code 000 fallback. (2) Real cause — DNS records not provisioned after zone creation.

Remediation

Probe rewritten to capture curl exit code separately and emit truthful DNS_FAIL / CONNECT_FAIL / TIMEOUT / TLS_FAIL verdicts. Shipped cc-dns-bootstrap.yml workflow that creates the four canonical CNAMEs idempotently. Operator action: trigger the workflow + (if not already done) point the domain's nameservers at Cloudflare's at the registrar.

Affected:codeconstitution.comapi.codeconstitution.com

Subscribe

Email [email protected] to receive new incident notifications in real-time.