Index — C1 Dry-Run Capability & Execution (2026-06-22)
Index — C1 Dry-Run Capability & Execution — 2026-06-22
LABELS:
LOCAL_DISPOSABLE_SANDBOX_DOT_EMULATOR·NOT_GOVERNED_RUNTIME·NOT_PRODUCTION·NOT_DIRECTUS_GOVERNED_WRITE·NOT_A_SUBSTITUTE_FOR_DOT_C1_REGISTRATIONVERDICT:C1_LOCAL_SANDBOX_DRYRUN_LOGIC_PROVEN_GOVERNED_DOT_RUNTIME_NOT_READYGoverned sub-stop:C1_DRYRUN_CAPABILITY_LOCKED_OPERATOR_ACTION_REQUIREDREGISTRATION_HOLD · REGISTRATION_CAN_PROCEED=NO · P2 CLOSED · no named lane · 0 governed-runtime mutations · NO subagents
What this package is
A one-pass attempt to close all technical inputs for a C1 dry-run and prove dry-run readiness. The attempt succeeded for sandbox logic (A) and honestly failed to find any governed DOT write/registration path (B), leaving an irreducible governed-runtime gap (C) that requires an exact operator action.
The three-way separation (mandatory)
- A. LOCAL SANDBOX PROOF — PROVEN. A disposable local Postgres cluster (PostgreSQL 14.17,
/tmp/c1_sandbox_2026_06_22, port 55432, dbc1_sandbox) was created and the full C1 contract surface built and exercised: schema/contracts, resolver, manifest+hash (cross-tool recomputable), authorization verifier, preflight READY, dry-run (no state), 19/19 bad-input fail-closed, valid apply + single-use consume, rollback/dismantle/clean-state. Proves C1 contract LOGIC, manifest/hash recompute, fail-closed behavior, rollback logic, evidence shape — nothing more. - B. GOVERNED DOT RUNTIME READINESS — NOT READY. No connected tool can create governed DOT runtime artifacts.
governance_canonical_operation_vocababsent; noDOT_C1_*registered;governance_build_authorization0 grants; every governed route read-only / item-CRUD-only / allowlist-denied / docs-only. - C. REMAINING GOVERNED DOT GAP — operator action required. See file 13 §C for the exact missing capability/command/where/why/unlock/next-command.
DOT reuse-first (rule honored — file 04b)
Governed dot_tools (309) searched before finalizing. A reused pattern: DOT_SCHEMA_*_ENSURE family + producer/verifier pairing. B rejected: generic DOT_SCHEMA_ENSURE, DOT-062 dot-rollback, *_VERIFY family (reasons logged). C new DOTs: sandbox-only. D registry update N/A — no governed DOT created, so C1_DRYRUN_HOLD_DOT_REGISTRY_NOT_UPDATED does not apply. E all DOT_C1_* are labeled sandbox emulators, not governed, no masquerade, no orphan.
Key evidence values
- C1 manifest hash (cser-v1, sandbox):
c9286d3acf8223d77207de69c79b2333c949c996c33843c5c42866a628d7ec00(recomputed identically by externalshasum -a 256; 2123 canonical bytes). - authority_fixture_hash:
3b3c2ff96c24c78df9f1923f21c5b998360ba964c7dac38deb9b1e9a73f315f4(14-row frozen mirror of prodapr_action_types). - sandbox apply seal:
b343316525b0c53135c371afd3c4bae420c87277e77d2c0fdff5353333dea23a(SANDBOX_APPLY only; dry-run seal =WITHHELD_DRY_RUN). - Prod engine PostgreSQL 16.13 (db
directus) vs sandbox 14.17 — SQL constrained to 14∩16 features. - Sandbox artifact provenance:
c1_build.sqlsha256c4fd4cf5efe3429eea066ffd320648f68688591fa45d17737a810330b8354110;c1_exercise.sqlsha256405154f7c4bddede6e3b96ee19746052828fbe1bed4f9ed2f7b6427a42b58163.
Files (16)
| # | File | Content |
|---|---|---|
| 00 | index-…-2026-06-22.md | this index |
| 01 | 01-source-register-and-current-blocker-reconstruction-…md | controlling evidence read; blocker reconstructed |
| 02 | 02-capability-matrix-all-routes-surveyed-…md | 16 routes surveyed, none stop-at-first-denial |
| 03 | 03-test-sandbox-lane-created-or-selected-…md | disposable local sandbox created (Option B) |
| 04 | 04-c1-executable-contracts-created-and-readback-…md | 7 sandbox DOT_C1_* contracts + readback |
| 04b | 04b-dot-registry-reuse-first-and-search-evidence-…md | DOT reuse-first search + A/B/C/D/E |
| 05 | 05-c1-directus-dot-table-registry-wiring-proof-…md | sandbox wiring proof + governed gap |
| 06 | 06-c1-manifest-hash-and-resolver-proof-…md | manifest, cser-v1, hash, cross-tool recompute |
| 07 | 07-c1-authorization-verifier-and-grant-proof-…md | verifier + 9 grant fixtures (non-prod) |
| 08 | 08-c1-preflight-and-dryrun-execution-log-…md | preflight READY + dry-run log (no state) |
| 09 | 09-c1-bad-input-and-fail-closed-results-…md | 19-case matrix, all fail-closed |
| 10 | 10-c1-rollback-dismantle-clean-state-proof-…md | apply→single-use→write-once→dismantle→clean |
| 11 | 11-before-after-runtime-and-kb-readback-evidence-…md | before/after + sandbox + KB readback |
| 12 | 12-internal-codex-negative-review-…md | A1–A18 adversarial review |
| 13 | 13-final-decision-…md | verdict, A/B/C, operator action, self-check |
| — | codex-review-packet-…md | condensed packet for Codex confirmation |
| — | ../macro-c1-dryrun-capability-and-execution-2026-06-22.md | top-level rollup |
One-line rule set carried
sandbox-logic-proven ≠ governed-DOT-ready; SQL-in-sandbox ≠ governed DOT registration; authorization ≠ capability; absence-of-surface ≠ demonstrated-fail-closed-on-governed-runtime; reuse-first before any new DOT; no local DOT name masquerades as governed; one fixture → one code → one namespace → one layer.