dot-iu-cutter v0.5 — Constitution Snapshot-source MARK Entrypoint: Test Plan & Results

Phase: …_code_authoring · Nature: local_unit_tests_in_isolated_scratch__no_DB__no_first_dryrun · Date: 2026-05-18 · doc 3 of 6

tests_run_where: ephemeral /tmp/iucut-scratch (0700, no DB, no network) — SHREDDED
production_touched: false ; db_write: none ; first_dryrun: NOT EXECUTED
decision_authority: GPT / User ONLY ; self_advance: PROHIBITED

---

1. Test scope boundary (governance)

allowed_and_done:
  - local unit/integration tests of gate + matchers + status cascade + manifest
    + coverage + determinism + fail-closed + import-isolation
  - the snapshot GATE was validated against a byte-exact local copy of the
    KB-pinned artifact (read-only sha256 — NOT "the dry-run")
NOT done (the GPT-gated milestone — out of scope here):
  - the official first Constitution dry-run: cutter_agent.dryrun was NEVER invoked
    to emit manifest.json/review/coverage/determinism/report into the KB folder
    knowledge/dev/laws/dieu44-trien-khai/v0.5-constitution-first-dryrun/
  - the PASS pipeline was exercised ONLY in-memory in scratch (build_manifest()
    returns a dict; no official artifact files were written anywhere)
  - the only file ever written by main() in scratch was a synthetic BLOCKED
    dryrun_report.md to /tmp (drift negative test) — then deleted with the scratch

2. Test inventory (tests/test_dryrun_snapshot_mark.py, 21 tests)

TestGate (5):
  region_identity_exact          gate over the pinned region => sha/len/markers exact
  gate_fails_on_sha_drift        sha mismatch => FailClosed
  gate_fails_on_length_drift     len mismatch => FailClosed
  gate_fails_on_marker_drift     marker census mismatch => FailClosed
  missing_sentinel_fails         no BEGIN/END sentinel => FailClosed
TestManifest (9, over the real pinned region):
  emits_three_levels_dieu_floor  candidate levels == {NGUYEN_TAC,KIEN_TRUC_SECTION,DIEU}
  counts_and_range               NT==15, KT==3, candidate_count ∈ [55,78]
  dieu_44_excluded_..._tier2     Đ44 controlled_draft via tier_2 row marker; reason
  dieu_34_draft_and_obsolete_..  excluded set == [controlled_draft,draft,obsolete×2]
  no_candidate_is_non_enacted    every candidate effective_status==enacted
  address_format_and_uniqueness  ICX-CONST/<path>; no status glyph; unique
  coverage_closes_and_reconstructs  reconstruction_ok == True
  determinism                    re-run manifest_digest_sha256 identical
  provenance_binding             every unit binds source_version_id + snapshot sha
TestFailClosedSynthetic (4):
  unknown_marker_fails_closed    unmapped marker (✨) => FailClosed
  orphan_row_before_group        DIEU row before any group header => FailClosed
  nt_out_of_order_fails_closed   principle id sequence broken => FailClosed
  synthetic_happy_path_cascade   15 NT + 3 KT + 1 DIEU(tier_1) + coverage closes
TestNoDbImportIsolation (3):
  module_imports_only_stdlib     AST: imports ⊆ stdlib; no cutter_agent/psycopg/
                                 socket/requests/sqlalchemy
  cli_refuses_wrong_mode         --mode cut => exit 2 (refused)
  cli_refuses_without_no_db_flags  missing --no-db-write/--no-cut/--no-verify => exit 2

3. Result — full suite

$ python3 -m unittest tests.test_dryrun_snapshot_mark
----------------------------------------------------------------------
Ran 21 tests in 0.007s

OK
$ python3 -m py_compile cutter_agent/dryrun.py   ->  py_compile OK

result: 21 / 21 PASS
module_sha256: f1f42e83ca23ba0b328f79cf04a8391ac699d1b307eb1b22b52c305f2efa1422
test_sha256:   31143968f322433cc5da62fa3ccf2a1fbe1905f461940c789a57cb0a116dc1b4

4. In-memory integration evidence over the PINNED region (no artifacts emitted)

snapshot_gate:        region_sha256 = 17660443e0f23e99…cae80c  (== expected)
                      region_length = 17522                     (== expected)
                      marker_counts = {enacted:19, controlled_draft:1,
                                       draft:1, obsolete:1}      (== expected)
manifest (build_manifest, in-memory dict only):
  candidate_count : 60      (15 NGUYEN_TAC + 3 KIEN_TRUC_SECTION + 42 DIEU)
                            -> within the design guardrail range [55, 78] ✓
  excluded_count  : 4
    - Điều 44  controlled_draft  basis=tier_2_explicit_row_marker
                                  reason=controlled_draft_deferred
    - Điều 34  draft             basis=tier_1_group_header
                                  reason=draft_excluded_by_enacted_only
    - "Luật Luồng DL v1.1"  obsolete  basis=tier_1_group_header
                                       reason=obsolete_excluded
    - "Hiến pháp v3.9"      obsolete  basis=tier_1_group_header
                                       reason=obsolete_excluded
  noncontent      : 69 structural lines (Z1 preamble, zone headers, catalog
                    group/column headers, Z4 pointer block, Z6 CHANGELOG block,
                    NGUYEN_TAC column headers + the two "→ " cross-ref pointers)
  status_basis exercised : tier_0 (NT/KT), tier_1 (group), tier_2 (Đ44 override)
  coverage        : unit-span set and structural set independently derived,
                    DISJOINT and together cover all 308 region lines (no gap =>
                    no silent drop; no intersection => no overlap)
  reconstruction_ok : True (recomputed from emitted candidate+excluded spans)
  determinism     : manifest_digest_sha256 identical across re-run
  addresses       : 64 total (candidate+excluded), all unique, all ICX-CONST/<path>,
                    status never encoded (e.g. ICX-CONST/NT-12, ICX-CONST/KT-A,
                    ICX-CONST/DIEU-33, ICX-CONST/DIEU-0-S-M-L,
                    ICX-CONST/DIEU-TERMINOLOGY, ICX-CONST/DIEU-44 [excluded])

5. Fail-closed negative evidence

checksum_drift (main(), --expect-region-sha DRIFTEDsha over the real artifact):
  stderr: "BLOCKED: snapshot rehash mismatch: got 17660443… != DRIFTEDsha
           (ABORT before parse)"
  out-dir: ONLY dryrun_report.md written, content:
     status: BLOCKED ; production_touched: false ; db_write: NONE
  -> ABORT happened BEFORE any parse; no manifest; internal exit code 3;
     /tmp out-dir deleted with scratch
unknown_marker / orphan_row / nt_out_of_order / missing_sentinel / marker_census /
length_drift : all raise FailClosed -> BLOCKED (never an auto-pass, never a
silent drop), asserted green in the suite.

6. Known limitation (honest scope statement)

- Full end-to-end validation of segmentation over the REAL Constitution snapshot
  with official artifact emission == the first Constitution dry-run, which is
  GPT-gated and FORBIDDEN in this phase. It is NOT performed here.
- The in-memory integration evidence (§4) demonstrates the code reproduces the
  ratified design's expected structure (15/3/42, [55,78], Đ44 excluded, coverage
  closed, deterministic) but is delivered for COMMAND-REVIEW, not as the dry-run
  result. The authorized first dry-run remains a separate, gated step (doc 4/6).
- OD-G3 micro-decision is now CLOSED by GPT (emit 3 levels, DIEU floor) and is
  implemented exactly.

7. Statement

• QG3/QG4 satisfied: deterministic matchers + 3-tier status cascade implemented and unit-proven (21/21). QG5: artifact-only/no-DB proven structurally (AST import isolation) + flag/scope/DB-env refusals. QG6: first dry-run NOT executed.
• Tests ran only in an ephemeral /tmp scratch (no DB, no network); scratch shredded.
• doc 3 of 6; STOP after 6 docs → route GPT/User. Self-advance PROHIBITED.

Companion docs: code-authoring-plan (1), code-diff-or-patch (2), command-review-package (4), risk-and-rollback-note (5), code-authoring-report (6).