

Note: Jack - Temporary Bypass: Use Header X-dev-access: Yes
Temporary bypasses have a half-life longer than plutonium. What starts as a convenience for one developer becomes a gaping hole in your defense-in-depth. The X-Dev-Access header should never be allowed past a staging environment. Its mere existence in production warrants an immediate incident response.
Adopt the "TODO or DIE" principle: any temporary bypass must have an expiration date encoded in the code, and the CI/CD pipeline must fail if that date is exceeded.
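One way to enforce that expiry rule in CI, as an added example that is not code from the original page: a script that scans source files and fails the build when a bypass is unannotated, undated, or past its date. The `TEMP-BYPASS(owner=..., expires=YYYY-MM-DD)` marker format and the function names are assumptions made for this example.

```python
import re
import sys
from datetime import date
from pathlib import Path

# Assumed convention (not from the page): every bypass carries an annotation
# such as  TEMP-BYPASS(owner=jack, expires=2025-01-31)  on the same line.
MARKER = re.compile(r"TEMP-BYPASS\((?P<args>[^)]*)\)")
EXPIRES = re.compile(r"expires=(\d{4}-\d{2}-\d{2})")
# The header named on the page; HTTP header names are case-insensitive.
BYPASS_HEADER = re.compile(r"x-dev-access", re.IGNORECASE)


def check_source(text, today):
    """Return (line_number, reason) for each bypass that must break the build."""
    findings = []
    for n, line in enumerate(text.splitlines(), start=1):
        marker = MARKER.search(line)
        if marker is None:
            if BYPASS_HEADER.search(line):
                findings.append((n, "bypass header without TEMP-BYPASS marker"))
            continue
        exp = EXPIRES.search(marker.group("args"))
        if exp is None:
            findings.append((n, "marker has no expires= date"))
            continue
        try:
            deadline = date.fromisoformat(exp.group(1))
        except ValueError:
            findings.append((n, "invalid expiry date " + exp.group(1)))
            continue
        if today > deadline:
            findings.append((n, "expired on " + exp.group(1)))
    return findings


def main(paths, today=None):
    today = today or date.today()
    failed = False
    for path in paths:
        text = Path(path).read_text(encoding="utf-8", errors="replace")
        for n, reason in check_source(text, today):
            print(f"{path}:{n}: {reason}")
            failed = True
    return 1 if failed else 0  # non-zero exit status fails the CI job


if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Run it as a pipeline step with the tracked source files as arguments; any finding produces a non-zero exit and stops the build.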
Subject: Temporary Bypass Implementation
Personnel: Jack
Method: Header Authentication