KB-542F

dot-iu-cutter v0.5 — Constitution Snapshot-source MARK Branch Patch Apply Log (branch created; dryrun.py byte-exact f1f42e83; test file sha MISMATCH → BLOCKED rule#6; no commit)

6 min read Revision 1

dot-iu-cutter v0.5 — Constitution Snapshot-source MARK Branch Patch Apply Log

Phase: v0_5_constitution_snapshot_source_MARK_entrypoint_branch_patch_apply_CI · Nature: controlled_branch_apply__partial__BLOCKED_on_byte_faithfulness · Date: 2026-05-18 · doc 1 of 4
apply_status: BLOCKED  (STOP_AND_REPORT — guard: patch not byte-faithful from KB)
dryrun.py: BYTE_EXACT (f1f42e83…) ; test file: SHA MISMATCH (454d9fc8… != 31143968…)
git_commit: false ; deploy: false ; first_dryrun: NOT executed ; cut/verify/db: NONE
decision_authority: GPT / User ONLY ; self_advance: PROHIBITED

1. Authority chain (KB SSOT, read before acting)

gpt_baseline_closeout_and_patch_apply_approval:
  knowledge/dev/laws/dieu44-trien-khai/reviews/
  dot-iu-cutter-v0.5-git-baseline-closeout-gpt-review-and-patch-apply-approval-2026-05-18.md
  -> git_baseline_init: CLOSED_PASS ; repo HEAD 4367c83 ; branch+apply+local-tests
     AUTHORIZED ; commit/deploy/dryrun/CUT/VERIFY NOT authorized
gpt_entrypoint_design_ruling:
  …/reviews/dot-iu-cutter-v0.5-constitution-snapshot-source-mark-entrypoint-design-
  gpt-ruling-and-code-authoring-approval-2026-05-18.md  -> design PASS, OD-G3 ruled
patch_ssot: …/v0.5-constitution-snapshot-source-mark-dryrun-entrypoint-code-authoring/
  dot-iu-cutter-v0.5-constitution-snapshot-mark-code-diff-or-patch-2026-05-18.md (doc 2/6)
  expected sha256: dryrun.py f1f42e83ca23ba0b328f79cf04a8391ac699d1b307eb1b22b52c305f2efa1422
                   test     31143968f322433cc5da62fa3ccf2a1fbe1905f461940c789a57cb0a116dc1b4

2. Preconditions (QG1) — verified live

$ git -C /Users/nmhuyen/iu-cutter-build/repo/iu-cutter rev-parse HEAD
4367c83553207a9e3e037d6092f27a39c47eca7b          # == required baseline
$ git rev-parse --abbrev-ref HEAD  -> main
$ git status --porcelain          -> (empty = clean working tree)
$ test -e cutter_agent/dryrun.py             -> ABSENT (OK, no clobber)
$ test -e tests/test_dryrun_snapshot_mark.py -> ABSENT (OK, no clobber)
$ python3 --version -> Python 3.11.6 ;  pytest -> NOT on PATH (used unittest)

repo_path: /Users/nmhuyen/iu-cutter-build/repo/iu-cutter
HEAD_before: 4367c83553207a9e3e037d6092f27a39c47eca7b
working_tree_before: clean
target_files_pre_exist: NO
guard_HEAD_not_4367c83: not triggered
guard_dirty_tree:       not triggered
guard_target_exists:    not triggered
QG1: PASS

3. Feature branch (QG2)

$ git checkout -b feature/constitution-snapshot-mark-dryrun
Switched to a new branch 'feature/constitution-snapshot-mark-dryrun'
$ git rev-parse HEAD            -> 4367c83… (branched from main@4367c83, no commits)

branch: feature/constitution-snapshot-mark-dryrun
branched_from: main @ 4367c83553207a9e3e037d6092f27a39c47eca7b
QG2: PASS

4. Patch application — additive, 2 NEW files only (QG3)

Applied = drop the two KB doc-2 verbatim files at their paths (git apply N/A: non-git-origin patch; additive). NO existing repo file touched.

cutter_agent/dryrun.py:
  action: CREATED (new, untracked on feature branch)
  sha256_written: f1f42e83ca23ba0b328f79cf04a8391ac699d1b307eb1b22b52c305f2efa1422
  sha256_expected: f1f42e83ca23ba0b328f79cf04a8391ac699d1b307eb1b22b52c305f2efa1422
  verdict: BYTE-EXACT MATCH  ✓
  size: 558 newlines / 23503 bytes
tests/test_dryrun_snapshot_mark.py:
  action: CREATED (new, untracked on feature branch)
  sha256_written: 454d9fc84e940fdcf9da10bf29d12c5c420e21b1147ccc8da6a29a81f2843a4a
  sha256_expected: 31143968f322433cc5da62fa3ccf2a1fbe1905f461940c789a57cb0a116dc1b4
  verdict: SHA MISMATCH  ✗  (NOT byte-faithful from KB markdown)
  size: 219 newlines / 9603 bytes
existing_files_modified: 0  (cli.py / phases.py / db_adapter.py / ledger.py /
  signal.py / signing.py / state_machine.py / canonicalization.py / idempotency.py
  / __init__.py / 5 existing tests / README.md / .gitignore — ALL untouched)
guard_patch_modifies_existing_files: not triggered (pure addition)
QG3: PARTIAL — only the 2 authorized files added; one not byte-faithful

5. Controlling guard — triggered

guard: "If patch cannot be applied byte-faithfully from KB, STOP_AND_REPORT."
evaluation:
  dryrun.py reproduced byte-exact (f1f42e83…) — PROVES the KB doc-2 text is
    faithfully transcribable and the entrypoint module is authentic.
  tests/test_dryrun_snapshot_mark.py written from the same KB doc-2 verbatim
    block hashes 454d9fc8… != ratified 31143968… — the test artifact is NOT
    byte-faithful. Root cause indeterminate without the authoritative bytes
    (KB diffstat hinted ~211 lines; reproduced 219). Per governance the agent
    does NOT guess whitespace/line edits to force a hash match.
action_taken: STOP_AND_REPORT. NO commit. Branch + 2 untracked files left
  in place (uncommitted) for GPT/User inspection. dryrun.py byte-exact retained.

6. Non-execution statement

git_commit: NONE        deploy/restart: NONE       remote_add/push: NONE
first_constitution_dry_run: NOT executed           CUT: NONE   VERIFY: NONE
production_IU: NONE      production_DB_write: NONE
source_document/source_version mutation: NONE      schema_change: NONE
Directus/vector mutation: NONE                     self_advance: PROHIBITED
HEAD_after: 4367c83553207a9e3e037d6092f27a39c47eca7b (unchanged; no commit)
main_branch: untouched

doc 1 of 4 — companion: test-result (2), git-diff-status (3), apply-ci-report (4). Self-advance PROHIBITED.