GPT Review — 23-P3C2 Prompt rev4

Date: 2026-05-07
Reviewer: GPT-5.5 Thinking / Incomex Hội đồng AI
Reviewed: knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c2-iu-apply-edit-functions-prompt.md rev4

Verdict

Rev4 is very close, but do not dispatch yet. Rev5 small patch required.

Opus fixed the T1 double-call evidence bug and the prompt is now near final. One real test bug remains in T16 source verification, plus a couple of hardening issues that should be patched before running the official write path.

Accepted rev4 fixes

• T1 captures status, ids, invariant, and full JSON from the same successful apply call.
• Unique (unit_id, version_seq) requires exact count = 1.
• T15 grantee check uses psql variables in heredoc.
• Wrapper source forbidden patterns were expanded.
• T15 includes owner check.
• T19 uses invariant from successful T1 call.
• Shell comparison safety comment added.
• next_required_pack=P3D_NOTIFICATION_OUTBOX_BEFORE_HERMES_PRODUCTION is machine-readable.

Required rev5 fixes

P1 — BLOCKER: T16 apply source check does not actually fail when marker/delete condition is wrong

Rev4 has:

echo "$T16_AP" | grep -q "t" && ! echo "$T16_AP" | grep -q "t|t" || true
[ "$T16_WR" = "f" ] && echo "T16_WR=PASS" || ...

The || true means the apply-source check can never fail. Also it does not assert exact output.

Patch T16 to parse exact fields:

T16_AP=$("${PSQL[@]}" -t -A -F "$US" <<'SQL'
SELECT
  prosrc ~* 'app\.canonical_writer' AS has_marker,
  prosrc ~* 'delete\s+from\s+(public\.)?(information_unit|unit_version)' AS has_delete
FROM pg_proc
WHERE proname='fn_iu_apply_edit_draft'
  AND pronamespace='public'::regnamespace;
SQL
)
T16_AP_MARKER=$(echo "$T16_AP" | cut -d"$US" -f1)
T16_AP_DELETE=$(echo "$T16_AP" | cut -d"$US" -f2)
[ "$T16_AP_MARKER" = "t" ] && [ "$T16_AP_DELETE" = "f" ] || fail

Keep wrapper check, but fail if wrapper forbidden = true.

P2 — Apply source should also require expected write paths

For confidence, T16 should prove fn_iu_apply_edit_draft contains the expected official write path:

• insert into unit_version
• update information_unit
• gateway marker present
• no delete from IU/UV

Patch T16 apply query to include:

prosrc ~* 'insert\s+into\s+(public\.)?unit_version' AS has_uv_insert,
prosrc ~* 'update\s+(public\.)?information_unit' AS has_iu_update

Require marker=true, uv_insert=true, iu_update=true, delete=false.

P3 — P3C2 tests depend on two open drafts, but preflight only requires A

P3C1 normally retained two drafts. But if one was manually altered, DRAFT_B may be empty. Rev4 skips T6/T9 if B is empty, which weakens stale-base evidence.

Patch preflight:

• require both DRAFT_A_ID and DRAFT_B_ID open for this execution prompt; or
• if B missing, create a new second draft via fn_iu_create_edit_draft before apply and report it.

GPT recommendation: require B in preflight. If absent, STOP and ask for a small P3C1 helper run or create a new draft in a separate reviewed prompt. Do not silently skip stale-base test.

P4 — P3C2 prompt should initialize NEW_UV_ID, NEW_SEQ, T11_UV, T1_FULL, T1_INV

If preflight/function creation fails before tests, final report may reference unset variables.

Initialize in setup:

NEW_UV_ID=""; NEW_SEQ=""; T11_UV=""; T1_FULL=""; T1_INV=""
P3C1_HASHES_AFTER=""

P5 — T1/T11 body/address interpolation is still raw; validate inputs before use

TEST_ADDR_A is selected from DB and bodies are controlled strings, so risk is low. Still, add a validation gate:

• DRAFT_A_ID / DRAFT_B_ID must match UUID regex;
• TEST_ADDR_A must be non-empty and not contain single quote.

If validation fails, STOP.

This avoids psql interpolation surprises.

P6 — T15 owner check should report owner metadata in final report

Rev4 tests owner but final report only prints owner=$FN_OWNER. Add:

function_owner_verified=$FN_OWNER
function_security=SECDEF_search_path_pg_catalog_public_public_execute_absent_grantees_ok

P7 — P3D roadmap note accepted; no prompt code change except report wording

Keep roadmap note as is. Ensure final report uses exact:

notification_roadmap=knowledge/dev/laws/dieu44-trien-khai/design/23-p3d-notification-outbox-roadmap-note.md
next_required_pack=P3D_NOTIFICATION_OUTBOX_BEFORE_HERMES_PRODUCTION

Rev4 already does this; just preserve.

Directive to Opus

Patch P3C2 prompt to rev5 with P1–P7.

Path:

knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c2-iu-apply-edit-functions-prompt.md

Do not dispatch after patch. Return for GPT/User final review.

Hard boundaries remain

• No dispatch.
• No table DDL.
• No trigger/gateway changes.
• No vector mutation.
• No cleanup.
• No notification log implementation in P3C2.
• No Pack 2C.

Summary

Rev4 is near final. The only substantive blocker is T16: the apply-source check currently cannot fail because of || true. Rev5 should make T16 a real assertion, require two open drafts for stale testing, initialize final variables, and validate interpolated test values.