D36 No-Vector Staging Zone — 07 Implementation Backlog (NOT executed)</title> <parameter name="tags">["d36", "no-vector-staging-zone", "backlog", "implementation-plan", "design", "2026-05-25"]
07 — Implementation Backlog (NOT executed in this macro)
Status: Backlog only. No implementation occurs in this macro. Each item below is a discrete unit of work for a future macro, scoped to "honest PARTIAL > fake PASS" (40000x lesson). The user explicitly approved design-only scope here.
The backlog is ordered so each step's preconditions are met by an earlier step. Items are tagged with the source design doc they implement.
P0 — Substrate (migration NNN)
Source: 03-…-architecture.md, 05-…-birth-protocol-plan.md.
| # | Item | Acceptance |
|---|---|---|
| P0.1 | Author migration NNN_iu_staging_substrate.sql (DDL only) |
File present; lints clean |
| P0.2 | Author paired NNN_iu_staging_substrate_rollback.sql (REFUSED-guarded) |
File present; rollback exits clean on empty state |
| P0.3 | Add 2 tables, 2 views, 8 functions, 2 triggers, 3 configs, 5 event types per §5 of 05-… |
DDL count matches |
| P0.4 | All functions: SECURITY DEFINER, STRICT, owned by workflow_admin, REVOKE FROM PUBLIC, GRANT EXECUTE TO directus |
privilege audit clean |
| P0.5 | CHECK constraints from 03-…-architecture.md §2 + §3 in place |
\d shows them |
| P0.6 | Birth-registry triggers on both tables | trigger introspection shows row count = 2 |
Apply path. Owner-applies via pg_hba local trust socket as workflow_admin
(70000x lesson feedback-pg-hba-local-trust-unblocks-role-channel). Do not
borrow superuser; do not run half-as-owner (50000x feedback-honest-channel-block-beats-partial-trigger).
P1 — Birth registration (no DDL — registry writes)
Source: 05-…-birth-protocol-plan.md §2.
| # | Item | Acceptance |
|---|---|---|
| P1.1 | Create species SPE-NVS via dot-species-create with metadata.vector_eligible = false |
row exists; metadata correct |
| P1.2 | Register COL-IUS-001 iu_staging_record via dot-collection-register (purpose set; vector_eligible = false) |
registry row + Nuxt page lists it |
| P1.3 | Register COL-IUS-002 iu_staging_payload similarly |
same |
| P1.4 | Map both via dot-species-map to SPE-NVS |
species_collection_map shows 2 new rows |
Order. P1 runs after P0 lands so the trigger-driven birth rows exist for the registry sanity check.
P2 — DOT modules
Source: 05-…-birth-protocol-plan.md §4.
| # | Item | Acceptance |
|---|---|---|
| P2.1 | dot_iu_staging_create (Python entrypoint + SQL fn wrapper) |
R280 probe + first happy-path run dry_run |
| P2.2 | dot_iu_staging_approve |
same |
| P2.3 | dot_iu_staging_consume |
same |
| P2.4 | dot_iu_staging_reject |
same |
| P2.5 | dot_iu_staging_cleanup |
gated by staging_cleanup_enabled = false; dry-run reports rows_eligible |
| P2.6 | dot_iu_staging_unregister |
REFUSED-guarded on non-cleaned rows |
| P2.7 | Catalog rows in dot_iu_command_catalog; R280 governance probe PASS (expected_count = baseline + 6, all_resolvable = t) |
probe green |
P3 — Vector-exclusion enforcement
Source: 04-…-vector-exclusion-contract.md.
| # | Item | Acceptance |
|---|---|---|
| P3.1 | Author sidecar collection_registry_vector_policy (PK=FK to collection_registry.id) with vector_eligible boolean DEFAULT true NOT NULL and semantic_search_eligible boolean DEFAULT true NOT NULL; author read-side view v_collection_vector_eligibility joining parent + sidecar with COALESCE(crvp.vector_eligible, true) default. No ALTER TABLE on collection_registry. |
sidecar table + view exist; per Q5 A-as-sidecar freeze (08-review-questions.md) |
| P3.2 | Update vector connector to read vector_eligible + species metadata.vector_eligible |
code review + unit test |
| P3.3 | Add static skip-list with iu_staging_* prefix to connector |
grep finds entry |
| P3.4 | Wire panic gate iu_core.no_vector_staging_excluded: default true; refuse startup on false |
startup test |
| P3.5 | (Optional) extend Agent Data search filter (~20 LOC per 20A report) for explicit metadata exclude | tested |
P4 — Healthcheck
Source: 04-…-vector-exclusion-contract.md §4.
| # | Item | Acceptance |
|---|---|---|
| P4.1 | fn_iu_staging_healthcheck() returning V1..V8 invariants |
row-per-invariant |
| P4.2 | Integrate into existing IU-Core healthcheck runner → 9/9 GREEN |
runner output |
| P4.3 | V6 Qdrant probe (scroll with payload.staging_record_id IS NOT NULL → expect 0) |
external probe |
P5 — Retention / cleanup
Source: 03-…-architecture.md §10, 05-…-birth-protocol-plan.md §6.
| # | Item | Acceptance |
|---|---|---|
| P5.1 | iu_core_retention_policy row per staging_kind (default 14 d for mark_manifest, 7 d for agent_intermediate, 30 d for review_package, …) |
rows present |
| P5.2 | First cleanup rehearsal in dry-run mode (cleanup_enabled = false) |
rows_eligible = 0 on empty |
| P5.3 | First live cleanup after non-zero rows exist (later macro) | counts move; orphan-vector probe = 0 |
P6 — Tests
Source: 04-…-vector-exclusion-contract.md §5.
| # | Item | Acceptance |
|---|---|---|
| P6.1 | 8 regression tests from §5 of 04-… |
pytest -k staging green |
| P6.2 | Lifecycle state-machine tests (pending→approved→consumed; pending→rejected; expired path) | green |
| P6.3 | Idempotency-key UNIQUE replay test | green |
| P6.4 | Pinning tests bumped (tables, views, fns, configs, event_types) | numbers match SSOT |
P7 — Operator runbook
Source: new doc to be written in implementation macro.
| # | Item | Acceptance |
|---|---|---|
| P7.1 | OPERATOR_RUNBOOK.md addendum: create / approve / consume / reject / cleanup commands with examples | reviewed |
| P7.2 | Failure-mode catalogue + recovery steps | reviewed |
P8 — MARK workflow integration
Source: 06-…-mark-workflow-integration.md.
| # | Item | Acceptance |
|---|---|---|
| P8.1 | Agent MARK entrypoint switches from file-path output to dot_iu_staging_create |
first MARK run lands a staging row |
| P8.2 | dot_iu_cut_from_manifest gate-check refuses non-approved staging rows |
refuse test |
| P8.3 | First end-to-end MARK→REVIEW→CUT→VERIFY through staging zone (Điều 37) | digest match; lifecycle progression observable |
P9 — Documentation lift
| # | Item | Acceptance |
|---|---|---|
| P9.1 | Promote this addendum from design/ to enacted form (under Điều 36 v5.x ENACTED) |
KB entry under enacted laws |
| P9.2 | Update Điều 36 main law text to reference the addendum | one-line cross-ref |
| P9.3 | Update 80000x package to point at staging-zone artefacts | replaced filepath references |
P10 — Out-of-scope (separate addenda)
These were raised in the design but are explicitly out of scope of any single implementation macro:
- Staging-inclusive search mode (PG text-search over staging payloads) — separate addendum.
- Promotion path from staging to a new permanent collection (e.g. promote a reviewed import preview into a permanent table) — separate addendum if ever needed.
- A Directus UI page for staging records (Option B of
05-…§3) — optional. - Hard delete (vs
cleaned) — only if retention policy demands.
11. Suggested macro packaging
Group the backlog into ≤3 macros:
macro_A: # substrate + birth + DOTs (highest blast radius)
contains: P0, P1, P2, P3, P4, P6
exit_criterion: 9/9 healthcheck green, all 8 regression tests pass, 0 production rows
macro_B: # MARK integration
contains: P5 dry-run only, P7, P8
exit_criterion: first end-to-end MARK→REVIEW→CUT→VERIFY through staging
macro_C: # cleanup live + retention enabled
contains: P5 live, P9
exit_criterion: first cleanup live with 0 orphan vectors; addendum promoted
This packaging matches the 80000x carry-forward philosophy: one substrate macro, one integration macro, one retention/closeout macro.
12. STOP — review gate before any of the above runs
Per the macro instructions: route to GPT/User for design review before any
implementation. See 08-review-questions-before-implementation.md for the
open questions that must be answered before P0 is authored.