KB-46C5

dot-iu-cutter v0.5 — First Constitution Snapshot MARK Dry-run Command Package (EXACT runnable command vs committed afb7bfc CLI; no-DB/no-CUT/no-VERIFY; not executed)

Revision 1

dot-iu-cutter v0.5 — First Constitution Snapshot MARK Dry-run · Command Package

Phase: v0_5_constitution_first_snapshot_MARK_dryrun_command_review · Nature: exact_command_authoring__no_execution · Date: 2026-05-18 · doc 2 of 5

command_status: EXACT + RUNNABLE (validated against the COMMITTED argparse, not the old pseudo)
NOT EXECUTED — awaiting GPT/User execution approval. Self-advance PROHIBITED.

1. The exact command (proposed; DO NOT RUN until approved)

Run from the repo root, on the feature branch at the committed entrypoint commit, in an environment with no DB env vars. $WD = ephemeral local scratch outside the git repo.

# QG1: entrypoint = committed afb7bfcc9b7bbb953bb00159479c9611e6ac4bd1
#      cutter_agent/dryrun.py sha256 f1f42e83…2efa1422 (verify before run)
cd /Users/nmhuyen/iu-cutter-build/repo/iu-cutter
git rev-parse HEAD                  # MUST be afb7bfcc9b7bbb953bb00159479c9611e6ac4bd1
git status --porcelain             # MUST be empty (clean tree)
shasum -a 256 cutter_agent/dryrun.py   # MUST be f1f42e83…2efa1422

WD="$(mktemp -d /tmp/icx-const-first-dryrun.XXXXXX)"; chmod 700 "$WD"

python3 -m cutter_agent.dryrun \
  --mode               mark-manifest-only \
  --no-db-write --no-cut --no-verify --fail-closed \
  --source-version-id  icxconst-008a06ace23a96ea6cd456146e805c97 \
  --snapshot-artifact  tests/fixtures/constitution-normalized-17660443e0f23e99.md \
  --expect-region-sha  17660443e0f23e994e1807cf8e22920951a9e70c598956dbd0e752f4f5cae80c \
  --expect-length      17522 \
  --expect-markers     'enacted=19,controlled_draft=1,draft=1,obsolete=1' \
  --grammar-profile    incomex-architecture-constitution-v4 \
  --parser-refimpl     nuxt-incomex-portal-constitution-v1.refimpl.r1 \
  --scope              enacted_only \
  --docprefix          ICX-CONST \
  --out-dir            "$WD/manifest" \
  --emit               manifest.json,review_evaluation.json,coverage_proof.json,determinism_digest.md,dryrun_report.md
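
The precheck lines above state each requirement only in a trailing comment, and the "no DB env vars" condition exists only as prose. The following is an added example, not part of the committed entrypoint or of the approved command, showing those gates made to abort on mismatch. `EXPECTED_SHA` is a placeholder because the page elides the digest, and the DB variable patterns are assumed names.

```shell
#!/bin/sh
# Added example: fail-closed preflight for the prechecks in section 1.
EXPECTED_HEAD="afb7bfcc9b7bbb953bb00159479c9611e6ac4bd1"   # from the page
# The page elides this digest (f1f42e83…2efa1422); supply the full value.
# While the placeholder is in place, check_sha fails and preflight refuses.
EXPECTED_SHA="<FULL_SHA256_OF_dryrun.py>"
# Assumed names/prefixes; the page only says "no DB env vars".
DB_ENV_PATTERN='^(PG[A-Z]+|DATABASE_URL|DB_[A-Z_]+|MYSQL_[A-Z_]+|DIRECTUS_[A-Z_]+|QDRANT_[A-Z_]+)='

sha256_of() {   # portable: Linux ships sha256sum, macOS ships shasum
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" 2>/dev/null | cut -d' ' -f1
  else
    shasum -a 256 "$1" 2>/dev/null | cut -d' ' -f1
  fi
}

check_sha() {   # check_sha FILE EXPECTED_HEX
  [ "$(sha256_of "$1")" = "$2" ]
}

find_db_env() {   # reads NAME=value lines on stdin, prints DB-looking names
  grep -E "$DB_ENV_PATTERN" | cut -d= -f1
}

check_no_db_env() {   # succeeds only if no DB-looking variable is exported
  [ -z "$(env | find_db_env)" ]
}

check_repo() {   # check_repo REPO_DIR EXPECTED_HEAD: pinned commit, clean tree
  [ "$(git -C "$1" rev-parse HEAD 2>/dev/null)" = "$2" ] || return 1
  [ -z "$(git -C "$1" status --porcelain 2>/dev/null)" ]
}

preflight() {   # preflight REPO_DIR: returns 0 only if every gate holds
  check_repo "$1" "$EXPECTED_HEAD" \
    || { echo "REFUSED: HEAD not pinned or tree dirty" >&2; return 1; }
  check_sha "$1/cutter_agent/dryrun.py" "$EXPECTED_SHA" \
    || { echo "REFUSED: entrypoint sha256 mismatch" >&2; return 1; }
  check_no_db_env \
    || { echo "REFUSED: DB variables set: $(env | find_db_env | tr '\n' ' ')" >&2; return 1; }
}

# Usage: preflight "$PWD" || exit 1   # then issue the python3 command
```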

1.1 Why every token is correct vs the COMMITTED code

--mode mark-manifest-only      : the ONLY accepted mode (else exit 2 REFUSED, dryrun.py:463)
--no-db-write/--no-cut/--no-verify : all three mandatory (else exit 2, dryrun.py:467); store_true
--fail-closed                  : accepted store_true (code is unconditionally fail-closed; passed for contract)
--source-version-id            : icxconst-008a06… → bound into every unit's provenance (dryrun.py:374)
--snapshot-artifact            : COMMITTED byte-faithful local fixture (OPT-P1, doc 1 §5). read via
                                 Path(...).read_text(); region gate ABORTS on any drift (dryrun.py:491)
--expect-region-sha/length/markers : the pinned canonical 17660443…/17522/{enacted=19,controlled_draft=1,
                                 draft=1,obsolete=1}; key spelling MUST be the MARKERS values
                                 (enacted/controlled_draft/draft/obsolete) — parsed at dryrun.py:482-484
--grammar-profile/--parser-refimpl/--scope/--docprefix : equal to code defaults; passed explicitly for an
                                 unambiguous, audit-legible command (scope!=enacted_only ⇒ exit 2)
--out-dir "$WD/manifest"       : ephemeral LOCAL scratch (not the MCP KB folder); created by the run
--emit ...                     : ACCEPTED but IGNORED by code — the 5 files are always written with the
                                 fixed names below; value supplied only to document intent
OMITTED ON PURPOSE (NOT in committed argparse — would crash):
  --identity-region  --exclude-markers  --address-template  --leaf-floor  --emit-levels
  (these were in the superseded design pseudo; the committed code hardcodes the sentinels,
   exclusion logic, at.icx.const.v4, the DIEU floor, and the OD-G3 3-level emission)

2. Mandatory behaviour the committed entrypoint enforces (already in code)

B1 region rehash BEFORE parse: snapshot_gate() asserts sha==17660443… ∧ len==17522 ∧
   markers=={enacted:19,controlled_draft:1,draft:1,obsolete:1}; mismatch ⇒ FailClosed ⇒ exit 3 BLOCKED
B2 parse via refimpl.r1 semantics over the normalized region; NO live fetch (pure file read)
B3 zone_router fail-closed (5 zone headers exactly once, in order)
B4 status cascade tier_2 > tier_1 > tier_0; Điều 44 row 📋 ⇒ controlled_draft ⇒ EXCLUDED;
   Điều 34 group 📝 ⇒ draft ⇒ EXCLUDED; ⛔ obsolete group ⇒ EXCLUDED; all itemised, none dropped
B5 enacted_only: only effective_status==enacted ⇒ candidate; others ⇒ excluded[] with reason
B6 db_write = "NONE" (import-isolated; no DB module importable by construction)
B7 NO CUT / NO VERIFY / NO fn_iu_create / NO Directus / NO vector / NO git mutation
B8 fail-closed: unknown marker, span overlap, uncovered line, orphan section, malformed heading,
   duplicate canonical_address, non-deterministic re-run ⇒ FailClosed ⇒ exit 3, only dryrun_report.md
   (status: BLOCKED) written; never a guessed PASS, never a silent drop
B9 reconstruction proof + determinism re-run (build twice, compare digest) enforced in main()

3. Allowed outputs (exactly 5 files, fixed names — dryrun.py:513-546)

out_dir (local scratch $WD/manifest):
  - manifest.json            # header + candidates[] + excluded[] + noncontent_lines[]
  - review_evaluation.json   # coverage_closed, no_overlap, address_unique, levels_present,
                              #   dieu_44_excluded, candidate_count, excluded_count
  - coverage_proof.json      # region_length, lines_total, candidate/excluded/noncontent lines,
                              #   reconstruction_ok
  - determinism_digest.md    # manifest_digest_sha256 + re_run_equal: true
  - dryrun_report.md         # status PASS|BLOCKED + mode + db_write NONE + counts + digest
final_destination (KB, by operator AFTER the authorized run):
  knowledge/dev/laws/dieu44-trien-khai/v0.5-constitution-first-snapshot-mark-dryrun-output/
  (upload the 5 artifacts; if manifest.json is too large for KB, upload a redacted summary +
   digests + dryrun_report.md and keep the full manifest only in shredded scratch evidence)
forbidden_output_targets: any production/governance/DR DB row; source_document* mutation;
  Directus/Qdrant/NoSQL/git. db_write_policy = NONE (enforced by import isolation).
exit_codes: 0=PASS(5 files) · 2=REFUSED(guard) · 3=BLOCKED(FailClosed; only dryrun_report.md)
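
The exit-code contract above can be checked mechanically after an authorized run. The following is an added example, not project code. It assumes that a refused run (exit 2) writes nothing, and it matches report text loosely because the page does not show the exact file layout.

```shell
#!/bin/sh
# Added example: verify the out-dir against the exit-code contract in section 3.
FILES="manifest.json review_evaluation.json coverage_proof.json determinism_digest.md dryrun_report.md"

listing() {   # sorted names of everything in DIR (dotfiles too); empty if absent
  if [ -d "$1" ]; then ( cd "$1" && ls -A | sort ); fi
}

expected_for() {   # expected sorted listing for a given exit code
  case "$1" in
    0) printf '%s\n' $FILES | sort ;;   # PASS: exactly the 5 fixed names
    3) echo dryrun_report.md ;;         # BLOCKED: only the report
    2) : ;;                             # assumption: REFUSED writes nothing
    *) return 1 ;;                      # unknown code: fail closed
  esac
}

check_outputs() {   # check_outputs EXIT_CODE OUT_DIR
  want="$(expected_for "$1")" || return 1
  got="$(listing "$2")"
  # Any missing or stray file breaks the contract.
  [ "$got" = "$want" ] || return 1
  case "$1" in
    0) # Loose text checks; wording taken from the file descriptions above.
       grep -q 'PASS' "$2/dryrun_report.md" &&
       grep -q 're_run_equal: true' "$2/determinism_digest.md" ;;
    3) grep -q 'BLOCKED' "$2/dryrun_report.md" ;;
    2) return 0 ;;
  esac
}

# Usage: python3 -m cutter_agent.dryrun ...; rc=$?
#        check_outputs "$rc" "$WD/manifest" || echo "contract violated" >&2
```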

4. Quality-gate mapping

QG1 uses committed entrypoint afb7bfc            : PASS (command pinned to HEAD + sha precheck)
QG2 exact command defined                         : PASS (§1, validated vs committed argparse)
QG3 no-DB / no-CUT / no-VERIFY guard defined      : PASS (§2 B6/B7; flags mandatory; DB-env guard)
QG4 output folder + files defined                 : PASS (§3)
QG6 dry-run NOT executed                           : PASS (command authored only; not run)

doc 2 of 5. Nothing executed. Self-advance PROHIBITED.
