DRIFT.

24 services tracked against their declared dependency versions. 7 services running 4+ minor versions behind production manifest. 2 services importing a package never declared in the lockfile.

The lockfile says one thing. The container ships another.

DD-016 · payments-service · stripe-sdk PHANTOM

Container has stripe-sdk@7.4.1. Lockfile has 6.9.0.

Rebuild from lockfile, audit base image, lock to digest.