KB-5EF2
dot-iu-cutter v0.5 — Lifecycle Enactment Design · FINAL Report (outcome A LIFECYCLE_ENACTMENT_DESIGN_READY) (doc 6 of 6)
Revision 1
doc 6 of 6 · 2026-05-20 · FINAL — STOP → GPT/User
macro_outcome : A — LIFECYCLE_ENACTMENT_DESIGN_READY
production_mutation : NONE this macro (design-only)
route_to : GPT/User for next-macro decision
next_macro_kind : implementation-authoring (PASS/E command-review) or amendment of design defaults (OQ revisions)
1. Verdict
G0 SSOT + live state confirmation : PASS
G1 live lifecycle survey : PASS
G2 existing docs/code discovery : PASS
G3 design options analysis : PASS — OPT-E1 RECOMMENDED
G4 recommended design : PASS — fn_iu_enact contract + iu_lifecycle_vocab/log + immutability triggers + fn_iu_apply_edit_draft patch
G5 grant/verification/rollback plan : PASS — 7-phase sequence, fingerprints, rollback, backlog
G6 final report (this doc) : PASS
lifecycle_design_status : READY
recommended_path : OPT-E1 fn_iu_enact (SECDEF, canonical writer)
sovereign_decisions_open : 7 (OQ-1..OQ-7; 5 MUST + 2 SHOULD)
production_mutation : NONE
session_artifacts:
- 6 KB docs uploaded under
knowledge/dev/laws/dieu44-trien-khai/v0.5-lifecycle-enactment-design/
- 0 SQL executed
- 0 cutter_agent code written (design only; bodies are sketched)
- 0 push / merge / tag / deploy
- 60 ICX-CONST IUs untouched: still lifecycle_status='draft'
2. Pinned live state at end of macro
-- All probes via context_pack_readonly, statement_timeout 5s, LIMIT 500.
public.information_unit:
total_rows : 158
icx_const_rows : 60
lifecycle_status_distinct : {'draft'}
last_touched : 2026-05-20T04:18:21.854512Z
public.unit_version:
total_rows : 165
icx_const_v1_rows : 60
lifecycle_status_distinct : {'draft'}
enacted_at_non_null_count : 0
review_state_non_null_count : 0
public.iu_lifecycle_vocab : DOES NOT EXIST (design only)
public.iu_lifecycle_log : DOES NOT EXIST (design only)
public.fn_iu_enact : DOES NOT EXIST (design only)
trg_iu_enacted_immut : DOES NOT EXIST (design only)
trg_uv_enacted_immut : DOES NOT EXIST (design only)
dot_config.iu_create.gateway.allowed_marker_values
= 'fn_iu_create,fn_iu_apply_edit_draft' (unchanged from pre-macro)
dot_config.iu_enact.* : ABSENT (design only)
3. The lifecycle gap — closed at the design level
gap_named:
NO canonical function exists today to transition IU lifecycle_status
from 'draft' to 'enacted'. Direct UPDATE is fail-closed by
trg_aa_iu_gateway_write_guard. Adding the canonical writer is the
on-doctrine fix.
gap_closed (in design, not in code):
fn_iu_enact(p_canonical_address, p_actor, p_review_decision_id,
p_target_lifecycle='enacted', p_change_set_id=NULL,
p_reason=NULL, p_tool_revision=NULL, p_dry_run=false) → jsonb
SECURITY DEFINER ; sets app.canonical_writer='fn_iu_enact' ; FSM-guarded ;
vocab-soft-checked ; invariant-pre-checked ; review_decision-required ;
audit-logged via NEW public.iu_lifecycle_log (UUID-keyed) ;
enacted-immutability enforced via NEW trg_iu_enacted_immut +
trg_uv_enacted_immut.
vocab decision:
Adopt the canonical TAC 4-state vocab verbatim:
draft / enacted / superseded / retired
Seed into a new public.iu_lifecycle_vocab table; soft-checked inside
fn_iu_enact (hard FK deferred to a later macro per OQ-2).
coupling fix:
In-scope patch to fn_iu_apply_edit_draft that replaces the GLOBAL
count(DISTINCT lifecycle_status) FROM unit_version probe with a
per-anchor lookup. Without this fix, the first enactment globally
breaks all in-place edit flows. The fix is small, scoped, reversible.
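The coupling defect described above, reproduced as an added example (not code from the project): a SQLite-backed Python model of the table-wide probe next to a per-anchor lookup. The guard's pass condition (exactly one distinct status), the use of unit_id as the anchor, and the sample rows are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample rows: three units, each with one draft version."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE unit_version (unit_id TEXT, version_seq INTEGER, "
               "lifecycle_status TEXT, enacted_at TEXT)")
    db.executemany("INSERT INTO unit_version VALUES (?, 1, 'draft', NULL)",
                   [("ICX-CONST-001",), ("ICX-CONST-002",), ("OTHER-001",)])
    return db

def edit_allowed_global(db, unit_id):
    """Pre-fix shape: table-wide probe, so unit_id plays no part in the answer."""
    (n,) = db.execute(
        "SELECT count(DISTINCT lifecycle_status) FROM unit_version").fetchone()
    # Assumption: the guard passes only while every row shares one status.
    return n == 1

def edit_allowed_per_anchor(db, unit_id):
    """Post-fix shape: consult only the current version of the unit being edited."""
    row = db.execute(
        "SELECT lifecycle_status FROM unit_version WHERE unit_id = ? "
        "ORDER BY version_seq DESC LIMIT 1", (unit_id,)).fetchone()
    return row is not None and row[0] == "draft"

def enact(db, unit_id):
    """Model of the status change only; not the fn_iu_enact contract."""
    db.execute("UPDATE unit_version SET lifecycle_status = 'enacted', "
               "enacted_at = datetime('now') WHERE unit_id = ?", (unit_id,))

def demo():
    """Enact one unit, then ask whether an unrelated draft unit is still editable."""
    db = make_db()
    before = edit_allowed_global(db, "OTHER-001")
    enact(db, "ICX-CONST-001")
    return {
        "global_before": before,
        "global_after": edit_allowed_global(db, "OTHER-001"),
        "anchor_other": edit_allowed_per_anchor(db, "OTHER-001"),
        "anchor_enacted": edit_allowed_per_anchor(db, "ICX-CONST-001"),
    }

if __name__ == "__main__":
    print(demo())
```

In the model, one enactment flips the global probe for every unit, while the per-anchor lookup refuses edits only on the enacted unit and leaves unrelated drafts editable.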
4. The 7 open questions — default recommendations
OQ-1 fn_iu_apply_edit_draft patch : APPLY (option a) — MUST-RULE
OQ-2 iu_lifecycle_vocab enforcement : SOFT-CHECK inside fn (option b) — MUST-RULE
OQ-3 bulk enactment shape : PYTHON LOOP one-tx-per-IU (b) — MUST-RULE
OQ-4 audit log location : NEW iu_lifecycle_log (a) — MUST-RULE
OQ-5 review_decision_id requirement : HARD REQUIRE (a) — MUST-RULE
OQ-6 verify_invariants pre-transition : YES (a) — SHOULD-RULE
OQ-7 P-pub1/P-pub2 strict at enact : WARN-ONLY this scope (b) — SHOULD-RULE
Sovereign deviation from any of these requires explicit overrule before the implementation macro starts authoring code.
5. Impact summary on the 60 ICX-CONST IUs (when phase 7 fires later)
target population : 60 ICX-CONST IUs (current canonical_address LIKE 'ICX-CONST%')
target transition : draft → enacted
per-IU writes (atomic, single transaction):
- 1 UPDATE on information_unit (lifecycle_status, updated_by, updated_at)
- 1 UPDATE on the current unit_version (lifecycle_status, enacted_at, updated_at)
- 1 INSERT on iu_lifecycle_log
total writes (60 IUs) : 180 rows persisted
untouched:
- 98 pre-existing non-ICX-CONST IUs remain 'draft'
- 105 pre-existing UVs remain 'draft' with enacted_at NULL
- birth_registry untouched
- cutter_governance untouched in phase 7 itself (the NEW review_decision
for enactment is recorded in a separate prerequisite macro)
immutability after enactment:
- trg_iu_enacted_immut locks identity/anchor fields on enacted IU rows
- trg_uv_enacted_immut locks body/title/description/content_profile/
content_hash/unit_id/version_seq on enacted UV rows
- DELETE on enacted rows blocked
- lifecycle_status can still move to 'superseded' or 'retired' via
future fn_iu_supersede / fn_iu_retire (designed in §7 follow-on
backlog, not in scope here)
6. Forbidden boundaries — honored in full
not_executed:
- any lifecycle_status mutation on any row
- any UPDATE/INSERT/DELETE on production rows
- any DDL (no CREATE TABLE / CREATE FUNCTION / CREATE TRIGGER actually ran)
- any gateway widening (allowed_marker_values value unchanged)
- any deploy / restart / push / tag / merge
- any hard delete
- any mutation to source_document / source_version
- any MCP write to cutter_governance or directus business tables
- any SQL with side effects beyond temporary read transactions
not_assumed:
- that L1 birth-gate is strict (still PILOT-ONLY per live survey)
- that cutter_governance.review_decision is freely SELECTable from
cutter_exec (it is not; fn_iu_enact runs as directus to read it)
- that a hard FK on iu_lifecycle_vocab can be added cheaply on a
158-row IU table without lock investigation
7. Authorized next macro paths (sovereign choice)
PATH 1 (recommended) — Implementation-authoring macro
effort : xhigh
scope:
- Author public.fn_iu_enact body (PL/pgSQL) on feature branch
- Author public.fn_iu_enacted_immut + public.fn_uv_enacted_immut
- Author public.iu_lifecycle_vocab + public.iu_lifecycle_log DDL
- Author public.fn_iu_apply_edit_draft patch
- Author cutter_agent/lifecycle_enact_adapter.py + CLI sub-command
- Author tests (13 unit + 13 integration sketched in doc 04 §11)
- Author iu-lifecycle-enactment-readme.md (operator-facing)
- Produce KB approval package (command-review style)
- NO DDL EXECUTED ON PRODUCTION YET
exit_state : APPROVAL-READY package; live production unchanged
duration : 45-60 minute macro
PATH 2 — Amendment-of-defaults macro
effort : medium-high
scope:
- Sovereign overrules one or more OQ defaults
- Re-author affected sections of docs 03..05
- Re-spin authoring macro afterward
exit_state : Revised design package; live production unchanged
PATH 3 — Defer
effort : zero
scope:
- Keep 60 ICX-CONST IUs in 'draft' indefinitely (OPT-E2 by acquiescence)
- Risk: downstream lifecycle_status='enacted' consumers will miss
the constitution until phase 7 fires
exit_state : Status quo
Recommendation: PATH 1 (xhigh implementation-authoring macro) with the
default OQ-1..OQ-7 matrix from doc 03 §6 / doc 06 §4.
8. Conditions to satisfy BEFORE phase 7 (authorized enactment) can fire
This macro does NOT authorize phase 7. For completeness, the prerequisites are listed so a future macro can be built against a clean checklist:
Pre-Phase-7 checklist:
P7-1 : DDL phases 1-5 of doc 05 §2 SHIPPED to production
P7-2 : fn_iu_enact + immutability triggers active in dot_config.mode='enforced'
P7-3 : cutter_agent/lifecycle_enact_adapter.py authored, tested,
merged on main
P7-4 : iu-lifecycle-enactment-readme.md PUBLISHED
P7-5 : A NEW cutter_governance.review_decision row recorded for
"enact 60 ICX-CONST IUs" (distinct from 29c88a7b-…
which approved CREATION)
P7-6 : (optional) cut_change_set row recorded for the 60-IU
enactment batch
P7-7 : Operator runs dry_run=True over all 60 addresses; expects
60× status='plan_ok'; reports captured
P7-8 : Sovereign ruling approves phase-7 execution
9. Recommendation to the user
recommendation :
Accept this design package (OPT-E1 + OQ-1..OQ-7 defaults) and authorize
PATH 1 (xhigh implementation-authoring macro) to produce the full
approval-ready code package. Phase 7 (authorized enactment of the 60
ICX-CONST IUs) remains gated behind a SEPARATE sovereign ruling after
implementation lands.
rationale :
- OPT-E1 is the only on-doctrine option (OPT-E2 silently breaks the
semantic invariant; OPT-E3 violates Pack 22-P3 doctrine).
- All 7 OQs have well-reasoned defaults; deviation cost is low even
if any one default is overruled.
- Design composes pre-existing patterns (tac_enacted_immut, law_enacted_immutable,
gateway marker mechanism) — risk profile is genuinely low.
- Latent defect (fn_iu_apply_edit_draft global coupling) is surfaced
and fixed in scope, preventing a future production self-detonation.
- 60 ICX-CONST IUs remain untouched until a separate ruling fires
phase 7.
risks if recommendation is declined :
- Keeping IUs in 'draft' indefinitely creates implicit downstream
convention debt that will surface unpredictably.
- The fn_iu_apply_edit_draft global-coupling defect remains a latent
bomb; the next subsystem that touches lifecycle_status (Pack 23+ ?)
will trip it.
10. STOP routing
status : LIFECYCLE_ENACTMENT_DESIGN_READY
next_action : ROUTE → GPT/User for choice of PATH 1 / PATH 2 / PATH 3
authority : sovereign
forbidden_until_next_ruling:
- no lifecycle UPDATE on any row
- no DDL on production
- no merge/push/tag of any related code (none authored in this macro)
- no deploy/restart
- no widening of iu_create.gateway.allowed_marker_values
- no exempt marker creation
remaining_lifecycle_macros (in recommended order, all xhigh):
M3a : implementation-authoring (PATH 1 above)
M3b : review of M3a authoring package by GPT
M3c : execution-on-production macro (DDL phases 1-5)
M3d : enactment prerequisite — record NEW review_decision row
(leg-B-style)
M3e : Phase-7 enactment macro (60 fn_iu_enact calls, one per IU)
M3f : Post-enactment closeout + KB ruling + follow-on backlog refresh
Cross-references (KB package contents)
v0.5-lifecycle-enactment-design/
doc 01 : Live lifecycle survey — G1 PASS
doc 02 : Existing docs/code review — G2 PASS
doc 03 : Design options analysis — G3 PASS (OPT-E1 RECOMMENDED)
doc 04 : Recommended fn_iu_enact contract — G4 PASS
doc 05 : Grant/verification/rollback plan — G5 PASS
doc 06 : Final lifecycle design report (this) — G6 PASS
Related KB documents (predecessors / context):
- Pack 22 closure: reports/22-pack-closure-iu-native-create-and-gateway.md
- Gateway README: readme/iu-create-gateway-readme.md
- Gateway scope: design/22-p3-iu-creation-gateway-scope.md
- Prior assessment: v0.5-post-cut-verify-governed-recording-release-readiness/dot-iu-cutter-v0.5-04-lifecycle-enactment-assessment-2026-05-20.md
- CUT closeout (60 IUs born): reviews/dot-iu-cutter-v0.5-first-controlled-canonical-canonical-cut-pass-gpt-ruling-2026-05-20.md
- Write-VERIFY closeout: reviews/dot-iu-cutter-v0.5-write-verify-dot992-pass-gpt-ruling-2026-05-20.md
- Main-FF closeout: reviews/dot-iu-cutter-v0.5-main-fast-forward-merge-pass-gpt-ruling-2026-05-20.md
- TAC vocab template: dieu38-trien-khai/seed-g6/seed-tac-uv-lifecycle.sql