# Failure Classification: Post-Cutover Suite Stabilization & Baseline Reconciliation

## Purpose

Use this artifact during later implementation of `293` to record the initial suite baseline, classify every relevant failure, and keep remaining unrelated debt explicit.

## Pinned Failure-Classification Categories

| Category | Meaning |
|---|---|
| `cutover-baseline-debt` | stale test or baseline expectation caused directly by the `287` and `288` cutover truth |
| `cutover-runtime-regression` | current workspace-first primary path is actually broken |
| `unrelated-existing-debt` | existing failure outside the cutover stabilization scope |
| `flaky-or-environment` | nondeterministic or environment-specific failure |
| `resolved-or-not-needed` | initially suspected cutover debt that no longer needs work after classification or adjacent repair |

## Pinned Stabilization Seams

| Seam | Meaning |
|---|---|
| `tenant_panel_baseline` | stale TenantPanel or `panel: 'tenant'` assumptions |
| `legacy_admin_t_routes` | stale `/admin/t/...` management-route assumptions |
| `workspace_aware_operations_routes` | operations links or helpers missing workspace context |
| `legacy_required_permissions_provider_connections` | tenant-scoped required-permissions or provider-connection legacy expectations |
| `action_surface_rebaseline` | stale action-surface expectations caused by the cutover |

## Initial Baseline Seeds

| Group | Seam | Category | Reason | Fix In 293? | Follow-up | Status |
|---|---|---|---|---|---|---|
| `PanelNavigationSegregationTest` | `tenant_panel_baseline`, `legacy_admin_t_routes` | `cutover-baseline-debt` | confirmed: the file still expects `/admin` to return `200` directly and still treats `/admin/t/...` as a live panel entry point | yes | update the baseline to current admin-panel navigation truth and explicit retired-route assertions | confirmed from targeted panel proof set |
| `ActionSurfaceContractTest` | `workspace_aware_operations_routes`, `legacy_required_permissions_provider_connections`, `action_surface_rebaseline` | `cutover-baseline-debt` | still likely mixes old action expectations and old route generation assumptions | yes | rebaseline only cutover-stale expectations | pending initial baseline run |
| `CanonicalViewRunLinksTest`, `OperateHubShellTest`, `FailureSanitizationTest`, `NonLeakageWorkspaceOperationsTest` | `workspace_aware_operations_routes` | `cutover-baseline-debt` | confirmed: the targeted OpsUx proof set still builds `admin.operations.*` URLs without `workspace`, and `OperateHubShellTest` still expects a retired tenant-panel dashboard URL | yes | rebaseline these tests to the canonical workspace-aware routes and current tenant dashboard URL | confirmed from targeted OpsUx proof set |
| `BackupItemsRelationManagerUiEnforcementTest` | `action_surface_rebaseline` | `cutover-baseline-debt` | treat as cutover debt initially, but reclassify if the mismatch proves unrelated during targeted reruns | yes | reclassify if mismatch is unrelated or proves to be a true runtime regression instead | pending initial baseline run |
| `TenantSyncBulkJobTest` | `N/A` | `unrelated-existing-debt` | current summary-count mismatch is not obviously part of the cutover baseline | no unless reclassification proves otherwise | document and leave out of scope | pending initial baseline run |
| `LegacyTenantCoreGuardTest` | `tenant_panel_baseline`, `legacy_admin_t_routes` | `resolved-or-not-needed` | the targeted panel proof set left the guard file green while `PanelNavigationSegregationTest` failed, so the retirement guard already reflects current truth | no | keep as regression proof while stabilizing the stale navigation test | confirmed from targeted panel proof set |
| `NavigationPlacementTest`, view-route assertions in `VerificationAuthorizationTest` | `workspace_aware_operations_routes` | `cutover-baseline-debt` | confirmed: one provider navigation test still used the retired `/admin/operations` entry point and verification view assertions still built `admin.operations.view` without `workspace` or persisted run workspace context | yes | rebaseline to the canonical `/admin/workspaces/{workspace}/operations` routes and seeded run workspace ids | confirmed green in focused reruns after rebaseline |
| `ActionSurfaceContractTest`, `RequiredPermissionsLegacyRouteTest` | `legacy_required_permissions_provider_connections`, `action_surface_rebaseline`, `workspace_aware_operations_routes` | `cutover-baseline-debt` | confirmed: the guard still expected tenant-plane required-permissions URLs, tenant-panel-era operation links, and several stale surface labels/action inventories | yes | rebaseline to canonical workspace/environment required-permissions routes, workspace-aware operation links, and current action labels/inventory | confirmed green in focused reruns after rebaseline |
| `ProviderConnectionListAuthorizationTest` | `action_surface_rebaseline` | `resolved-or-not-needed` | the mismatch proved to be an empty-list header-surface expectation rather than a cutover runtime bug; the current surface hides the header create CTA on an empty list for non-members | no | keep the rebaselined assertion as the current header-surface regression proof | confirmed green in focused rerun |
| `BackupItemsRelationManagerUiEnforcementTest` | `action_surface_rebaseline` | `unrelated-existing-debt` | targeted rerun showed the mid-session membership-revocation mismatch is not a cutover route/panel issue and no longer matches either the old hidden-state assumption or a simple disabled-state rebaseline | no | leave for a dedicated RBAC/action-state follow-up outside spec 293 | confirmed from targeted rerun |
| `ProviderConnectionNeutralitySpec238Test` | `N/A` | `unrelated-existing-debt` | current provider connection detail copy no longer contains `Provider identity details`; this is a neutral-surface wording drift unrelated to workspace-first cutover seams | no | leave for a provider-surface wording follow-up | confirmed from post-rebaseline provider/verification rerun |
| `ProviderDispatchGateStartSurfaceTest`, `ProviderOperationConcurrencyTest`, `VerificationAuthorizationTest` start assertion, `VerificationStartAfterCompletionTest`, `VerificationStartDedupeTest` | `N/A` | `unrelated-existing-debt` | after the route baseline repairs, these failures remain as provider-operation gate / dedupe behavior mismatches (`blocked` starts, extra runs, missing queued jobs) rather than panel or workspace-route drift; repo note `provider-verification-start-fixture-contract.md` documents the new startable fixture contract behind this seam | no | leave for a dedicated provider-operation / verification follow-up outside spec 293 | confirmed from post-rebaseline provider/verification rerun |
| `ProviderConnectionHealthCheckWritesReportTest` | `N/A` | `unrelated-existing-debt` | verification report summary counts now exceed the prior `<= 7` cap (`8` observed), which is report-schema/content drift unrelated to the cutover baseline | no | leave for a dedicated verification-report follow-up | confirmed from post-rebaseline provider/verification rerun |

## Completion Rule

Before `293` can be considered ready for implementation close-out, every remaining relevant group must appear in the table above or an appended row below with one pinned category and one explicit follow-up. After the final rerun, no cutover-related failure may remain unclassified: each group must be resolved, explicitly left out of scope as `unrelated-existing-debt` or `flaky-or-environment`, or recorded as `resolved-or-not-needed`.