KB-61B6

P3D — B3-F0 Onboarding Gate Dry-Run RERUN (after B3-F0a) — Report

12 min read Revision 1

p3dbirth-systemb3fb3f0onboarding-gatedryrunrerunafter-b3f0areport

P3D — Birth System B3-F0 Onboarding Gate Dry-Run RERUN (after B3-F0a) — Report

Date: 2026-05-12 Mode: READ-ONLY. Zero writes. Zero enforcement. Source prompt: knowledge/dev/laws/dieu44-trien-khai/prompts/p3d-birth-system-b3f-onboarding-gate-dryrun-prompt-DRAFT.md (rev 15 / latest) Precondition: B3-F0a Sibling Policy Materialization PASS_ACCEPTED (GPT review: knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-b3f0a-sibling-policy-materialization-execution-pass-2026-05-12.md) Prior dry-run: knowledge/dev/laws/dieu44-trien-khai/reports/p3d-birth-system-b3f0-onboarding-gate-dryrun-report.md Database: PostgreSQL 16.13 (directus DB, public schema, VPS 38.242.240.89 container postgres)

Phase 0 — Environment + DB discovery

Item	Value
DB	`directus` (PostgreSQL 16.13)
Schema resolved	`public`
`collection_registry` rows	166
`dot_config` table exists	YES
`species_collection_map` table exists	YES

Phase 1 — Function OID resolution (live by `proname`)

SELECT proname, oid, pronamespace::regnamespace AS schema
FROM pg_proc
WHERE proname IN ('fn_birth_registry_auto', 'fn_birth_registry_auto_id')
ORDER BY proname;

Function name	OID	Schema
`fn_birth_registry_auto` (contract)	39232	public
`fn_birth_registry_auto_id` (sibling)	66750	public

Both critical catalog objects resolved live. No BLOCKED state. All subsequent trigger checks validate by function OID, never by trigger name.

Phase 2 — Sibling scope policy (now read from PG)

SELECT value::jsonb FROM dot_config
WHERE key = 'policy.birth_trigger.accepted_sibling_scope';

Result row:

{
  "version": 1,
  "source_review": "knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-b3a2a-variant-function-equivalence-probe-pass-2026-05-12.md",
  "entries": [
    {
      "function": "fn_birth_registry_auto_id",
      "collections": ["governance_relations", "law_dot_enforcement", "law_jurisdiction"]
    }
  ]
}

Structural verification:

Assertion	Result
`value` parses as JSON object	✓
`version` = 1	✓
`source_review` present (non-null)	✓
`entries` is array (length = 1)	✓
`entries[0].function` = `fn_birth_registry_auto_id`	✓
`entries[0].collections` ⊇ `{governance_relations, law_dot_enforcement, law_jurisdiction}`	✓
Row `updated_at`	`2026-05-12 15:15:49.148776+00`

Live sibling-trigger table set vs policy collections set:

SELECT c.relname
FROM pg_trigger t
JOIN pg_class c ON t.tgrelid = c.oid
JOIN pg_namespace n ON c.relnamespace = n.oid
WHERE n.nspname='public' AND NOT t.tgisinternal
  AND t.tgfoid = (SELECT oid FROM pg_proc
                  WHERE proname='fn_birth_registry_auto_id'
                    AND pronamespace='public'::regnamespace)
ORDER BY c.relname;

Live sibling-trigger table	Trigger name
governance_relations	trg_birth_governance_relations
law_dot_enforcement	trg_birth_law_dot_enforcement
law_jurisdiction	trg_birth_law_jurisdiction

Live set = policy set, exact equality (no extras, no shortfall).

Posture flags:

sibling_policy_in_pg                    = true
sibling_policy_fallback_used            = false
sibling_policy_materialization_required = false

The previous SIBLING_POLICY_NOT_IN_PG WARN gap is resolved by B3-F0a. No fallback snapshot was consulted in this rerun.

Phase 3 — Full governed collection scan (166 rows, re-scanned live)

Coverage × scope matrix (re-scanned)

coverage_status	coverage_scope_status	n
BIRTH_DEFERRED_NEEDS_REVIEW	FUTURE_SCOPE	17
BIRTH_DEFERRED_NEEDS_REVIEW	IN_SCOPE	3
BIRTH_DEFERRED_NEEDS_REVIEW	ORPHAN_REGISTRY	7
BIRTH_DEFERRED_NEEDS_REVIEW	USER_EXCLUDED	31
BIRTH_EXEMPT_DERIVED_CACHE	IN_SCOPE	4
BIRTH_EXEMPT_STRUCTURAL_JUNCTION	IN_SCOPE	20
BIRTH_EXEMPT_SYSTEM_LOG_OR_AUDIT	IN_SCOPE	12
BIRTH_REQUIRED	IN_SCOPE	72
Total		166

3A. Coverage policy gaps

Check	Severity	Count
`MISSING_COVERAGE_POLICY` — `coverage_status IS NULL`	CRITICAL	0
`MISSING_SCOPE_POLICY` — scope NULL where status NOT NULL	WARN	0
`UNCLASSIFIED_COVERAGE_POLICY` — `coverage_status='UNCLASSIFIED_NEW'`	WARN	0
`DEFERRED_WITHOUT_OWNER` — deferred ∧ owner NULL	WARN	0
`SCOPE_MISMATCH` — BIRTH_REQUIRED ∧ scope ≠ IN_SCOPE	WARN	0

3B. Physical table check (BIRTH_REQUIRED ∩ IN_SCOPE = 72)

Check	Severity	Count
`MISSING_TABLE` — no BASE TABLE in `information_schema.tables`	CRITICAL	0

3C. Species mapping check (BIRTH_REQUIRED ∩ IN_SCOPE = 72)

Check	Severity	Count
`MISSING_SPECIES` — no `species_collection_map` row	CRITICAL	0

3D. Accepted birth trigger coverage (validated by function OID)

Trigger totals on public schema (excluding internal):

Function	OID	Triggers	Distinct tables
`fn_birth_registry_auto`	39232	166	148
`fn_birth_registry_auto_id`	66750	3	3

Wiring breakdown across the 72 BIRTH_REQUIRED ∩ IN_SCOPE collections:

Bucket	Count
WIRED_CONTRACT (OK)	69
WIRED_SIBLING (OK, within policy scope)	3
Missing both	0

Check	Severity	Count
`MISSING_TRIGGER` — no trigger with contract OID nor sibling OID	CRITICAL	0
`OUT_OF_SCOPE_SIBLING` — sibling-OID trigger on table not in policy `collections`	CRITICAL	0

3E. `birth_registry` recursion exemption

Field	Value
`birth_registry` has trigger with contract OID (39232)	false (0)
`birth_registry` has trigger with sibling OID (66750)	false (0)
coverage_status	`BIRTH_EXEMPT_SYSTEM_LOG_OR_AUDIT`
coverage_scope_status	`IN_SCOPE`
coverage_exemption_reason	`SYSTEM_MANAGED: self-referential birth system table — recursive trigger risk`
`BIRTH_REGISTRY_RECURSIVE_RISK` (CRITICAL)	0

3F. Exempt validation

Check	Severity	Count
`EXEMPT_WITHOUT_REASON` — `BIRTH_EXEMPT_*` ∧ reason NULL	WARN	0

Phase 4 — Summary statistics

total_governed                          = 166
total_compliant                         = 166
total_critical_gaps                     = 0
total_warn_gaps                         = 0   (was 1 SIBLING_POLICY_NOT_IN_PG, now CLEARED)

# Per-collection criticals
missing_coverage_policy_count           = 0
missing_scope_policy_count              = 0
missing_physical_table_count            = 0
missing_species_mapping_count           = 0
missing_birth_trigger_count             = 0
out_of_scope_sibling_count              = 0
birth_registry_recursive_risk           = false

# Per-collection warnings
unclassified_coverage_policy_count      = 0
deferred_without_owner_count            = 0
exempt_without_reason_count             = 0
scope_mismatch_count                    = 0

# Sibling policy posture (NEW after B3-F0a)
sibling_policy_in_pg                    = true
sibling_policy_fallback_used            = false
sibling_policy_materialization_required = false

# Informational only (not classified / not cleaned by this dry-run)
description_policy_unclassified_count   = 147
duplicate_trigger_pair_count            = 18

Informational — `description_policy` value distribution (live)

description_policy	n
`unclassified`	147
`required_detailed`	12
`structured_exempt`	7

Reported informationally per prompt §15. Cleanup deferred (out of scope for B3-F0).

Informational — B3-A-DUP duplicate trigger pairs (read-only observation)

18 tables each carry two triggers bound to the same contract function OID 39232 (name-level duplication only). Both reference the same function; this is not a sibling-policy violation and not a B3-F0 gate gap. Cleanup deferred to B3-A-DUP scope.

Same 18 tables as prior B3-F0 dry-run (unchanged): agents, checkpoint_sets, checkpoint_types, collection_registry, dot_tools, entity_dependencies, entity_species, meta_catalog, modules, system_issues, table_registry, tasks, taxonomy, taxonomy_facets, ui_pages, workflow_change_requests, workflow_steps, workflows.

Phase 5 — Detailed gap list

No critical or warn gaps detected. The single WARN gap from the prior dry-run (SIBLING_POLICY_NOT_IN_PG) is resolved by B3-F0a materialization.

#	Scope	Gap type	Severity	Status
—	(system)	`SIBLING_POLICY_NOT_IN_PG` (prior)	WARN	CLEARED — policy materialized in `dot_config`

Delta vs prior B3-F0 dry-run

Field	Prior	This rerun
`sibling_policy_in_pg`	false	true
`sibling_policy_fallback_used`	true	false
`sibling_policy_materialization_required`	true	false
`total_warn_gaps`	1	0
`total_critical_gaps`	0	0
`total_compliant`	166	166
All per-collection counts	0	0
`description_policy_unclassified_count` (info)	147	147
`duplicate_trigger_pair_count` (info)	18	18
Sibling-trigger tables vs policy `collections`	equal (fallback snapshot)	equal (live PG policy)

Hard-boundary attestation

Boundary	Status
No INSERT	✓
No UPDATE	✓
No DELETE	✓
No DDL	✓
No trigger creation / drop / alter	✓
No function creation / patch	✓
No policy mutation	✓
No species / entity_species / species_collection_map mutation	✓
No `system_issues` creation	✓
No `system_health_checks` creation	✓
No Phase 5C2 step	✓
No UI cutover	✓
Trigger validation by function OID (39232, 66750), not by trigger name	✓
Sibling scope loaded from PG (`dot_config`), no embedded list used	✓
KB report uploaded	✓

no_mutation_performed = true

Final response fields

b3f0_rerun_after_b3f0a_status=PASS
total_governed=166
total_compliant=166
total_critical_gaps=0
total_warn_gaps=0
sibling_policy_in_pg=true
sibling_policy_fallback_used=false
sibling_policy_materialization_required=false
out_of_scope_sibling_count=0
birth_registry_recursive_risk=false
missing_coverage_policy_count=0
missing_scope_policy_count=0
missing_species_mapping_count=0
missing_physical_table_count=0
missing_birth_trigger_count=0
unclassified_coverage_policy_count=0
deferred_without_owner_count=0
exempt_without_reason_count=0
description_policy_unclassified_count=147
duplicate_trigger_pair_count=18
no_mutation_performed=true
report_path=knowledge/dev/laws/dieu44-trien-khai/reports/p3d-birth-system-b3f0-onboarding-gate-dryrun-rerun-after-b3f0a-report.md
next_recommended_action=GPT_REVIEW_THEN_OPUS_DRAFT_B3F1_SOFT_GATE_DESIGN

B3-F0 Dry-Run RERUN (after B3-F0a) | Read-only | 2026-05-12 | Source prompt rev 15