Z603 — Dead Suppression¶

Z-Code: Z603 DEAD_SUPPRESSION · Engine: standalone · Exit: 0 · Severity: warning

What Is Z603?¶

Z603 fires when a  directive exists on a line but no active finding of code Zxxx is produced for that line.

The directive silences nothing. It is Phantom Debt: it consumes part of the 30-point governance budget without justification.

The Fixture¶

This page intentionally contains a dead suppression directive on the line below. The link is valid, so no Z101 finding is produced — the directive is never consumed.

Zenzic Documentation

Zenzic will report Z603 on the line above because the zenzic:ignore: Z101 directive never matched an active Z101 (LINK_BROKEN) finding.

Running the Example¶

# From the zenzic-doc root
uvx zenzic check references

Expected output (simplified):

docs/tutorials/examples/z6xx-brand/z603-dead-suppression.md:22  !  [Z603]
Inline suppression directive does not suppress any active finding.
Remove the dead comment.

    20  │  The link is valid, so no Z101 finding is produced — the directive
         is never consumed.
    21  │
    22  ❱  [Zenzic Docs](./z601-brand-obsolescence.md) <!-- zenzic:ignore:
         Z101 - this link is fine, suppression is dead -->
       │                                               ^^^^^^^^^^^^^^^^^^^^
    23  │

Exit code: 0 (warning-only; use --strict to promote to Exit 1)

The Three Z603 Scenarios¶

Scenario A — Dead Directive (this page)¶

A valid link has a zenzic:ignore: Z101 directive that is never consumed.

[Real Page](./real-page.md) <!-- zenzic:ignore: Z101 - precaution -->

→ Z603 fires. The suppression comment must be removed.

Scenario B — Consumed Directive (no Z603)¶

A broken link has a zenzic:ignore: Z101 directive that IS consumed.

[Broken](./missing.md) <!-- zenzic:ignore: Z101 - known broken, tracked in issue #42 -->

→ Z603 does not fire. The directive is legitimate.

Scenario C — Inviolability Law (Z201 + Z603)¶

Attempting to suppress a security code is always dead:

aws_key = AKIA••••••••••••EXAMPLE <!-- zenzic:ignore: Z201 - expected key -->

→ Z201 fires (credential scanner is non-suppressible). → Z603 also fires (the Z201 directive was never consumed).

Policy Isolation¶

The docs/tutorials/examples/** directory is covered by a Z603 exemption in .zenzic.toml so this intentional fixture does not fail the Quality Gate:

[governance.directory_policies]
"docs/tutorials/examples/**" = ["Z401", "Z506", "Z603"]

Resolve the Issue¶

Remove the dead comment. If the link was recently fixed, clean up the suppression.
Never add speculative suppressions. Add zenzic:ignore only after confirming an active finding on that line.
Security codes are non-suppressible. Z201/Z202/Z203/Z204 directives are always dead — fix the underlying secret instead.