Bypass exists. Every bypass is audited and signed.
Three bypass channels: signed waiver, expiring token, human approver. All three carry signed evidence.
Executable docs ship with the install
The full reference for this topic — configuration files, code samples, CLI flags, API endpoints — ships inside every dpndncY installation so it always matches your installed version. This public-preview page lists what the in-product docs cover.
In the in-product docs
- Waiver format (DSSE-signed YAML)
- Expiring tokens (TTL, single-use, scoped)
- Human-approval workflow (Slack / web / API)
- What gets emitted as a signed bypass-attempt record
- Reporting on bypass usage by team and reason