dot-iu-cutter v0.5 — S2→CUT Capability Readiness · Current Code & S2 State

Phase: v0_5_S2_to_CUT_capability_readiness · Nature: investigation + local CI; no commit; no production · Date: 2026-05-19 · doc 1 of 5 Authorized by GPT ruling …cut-command-review-blocked-gpt-ruling-2026-05-19 (PASS_AS_BLOCKED_WITH_EXACT_GAP → macro capability-readiness track).

kb_read: confirmed · kb_upload: confirmed (this doc)
nothing_committed: true · production_mutation: NONE · self_advance: PROHIBITED

1. Repo / branch / HEAD / working tree (re-verified live, read-only)

repo_path:        /Users/nmhuyen/iu-cutter-build/repo/iu-cutter
branch:           feature/constitution-snapshot-mark-dryrun
HEAD:             afb7bfcc9b7bbb953bb00159479c9611e6ac4bd1  (unchanged)
git_log:          afb7bfc "feat: add snapshot MARK dry-run entrypoint"
                  4367c83 "baseline: ratified iu-cutter v0.4 skeleton …"
working_tree:     ONLY 2 untracked files — `?? cutter_agent/cutplan.py`,
                  `?? tests/test_cutplan_snapshot.py`. Zero tracked-file diff. main untouched.

2. Committed MARK entrypoint (ratified)

cutter_agent/dryrun.py: sha256 f1f42e83ca23ba0b328f79cf04a8391ac699d1b307eb1b22b52c305f2efa1422
  - MARK-only / import-isolated; produced the accepted manifest digest 9d908a62….
tests/test_dryrun_snapshot_mark.py: sha256 454d9fc8…f2843a4a
  - LOCAL RESULT THIS SESSION: `Ran 21 tests … OK` (21/21) — the ratified MARK CI gate of record.
tests/fixtures/constitution-normalized-17660443e0f23e99.md: present (21092 B); the byte-exact
  pinned snapshot fixture (region sha 17660443…cae80c, len 17522, markers 19·1·1·1).

3. Untracked S2 files (cutplan)

cutter_agent/cutplan.py:            sha256 548eabc5530260555ff448ce6f3acded9728fe51c4ae61de658e9a97c4d828f1
tests/test_cutplan_snapshot.py:     sha256 06e871e73496089f5a88f072fb0a1e4f5d4ac720e1cb73bd737bc12d699a578a
(both shas == the S2 pinned values; byte-identical to the escalated S2 implementation —
 NOT modified this session.)

4. S2 — what it did / did not do (summary; detail in doc 2)

S2_did:
  - authored a stdlib-only, import-isolated `cutter_agent.cutplan --mode cut-plan-only`
    entrypoint + a 15-test unittest file, per the ratified S1 contract;
  - it is a NET-ZERO CUT-PLAN PLANNER: validates the pinned manifest identity and emits
    artifact-only PREVIEW row-sets; writes ZERO DB/IU rows.
S2_did_NOT:
  - it is NOT a writer: no DB connection, no information_unit/unit_version insert, no
    fn_iu_create call, no signing/credential/rollback/verify hooks (by construction);
  - it was NOT committed (escalated on a commit-gate ambiguity); HEAD afb7bfc unchanged;
  - its PREVIEW write-set models the v0.4 `ledger.py` families (manifest_envelope /
    manifest_unit_block / cut_change_set) — NOT the real production `public.information_unit`
    + `unit_version` birth-gated model (see doc 3 — this is the controlling writer gap).

5. Local test evidence (this session; no DB env; no production)

cmd: env -u PG_DSN -u DATABASE_URL -u DIRECTUS_URL -u PGPASSWORD -u PGHOST -u PGUSER \
       python3 -m unittest <suite>
tests.test_cutplan_snapshot:        Ran 15 tests … OK            (15/15 GREEN)
tests.test_dryrun_snapshot_mark:    Ran 21 tests … OK            (21/21 GREEN — MARK precedent)
unittest discover -s tests:         Ran 128 tests … FAILED (failures=1)
py_compile cutplan.py + test:       OK

5a. The single full-discover failure is PRE-EXISTING at the ratified baseline (re-proven)

failing_test: tests/test_security_boundaries.py::TestNoSecretPrinted
  ::test_source_has_no_hardcoded_dsn_or_secret
assertion:    for every non-test *.py: assertNotIn("PGPASSWORD", text)
root_cause:   the RATIFIED committed cutter_agent/dryrun.py LINE 474 contains the tuple
              ("PG_DSN","DATABASE_URL","DIRECTUS_URL","PGPASSWORD") in its DB-env REFUSAL
              guard (an env-var NAME the code refuses to read — NOT a hardcoded secret).
independent_proof_this_session: moved BOTH S2 files aside → pure baseline afb7bfc →
              `Ran 113 tests … FAILED (failures=1)`, identical test, still pointing at
              dryrun.py. ⇒ failure exists WITHOUT S2; it is not an S2 regression.
              S2 files then restored byte-exact (shas re-verified 548eabc5… / 06e871e7…;
              tree back to 2 untracked only).
precedent:    the MARK entrypoint commit afb7bfc was ratified with this same latent
              full-discover failure; its CI gate of record was the targeted module suite
              (tests.test_dryrun_snapshot_mark, 21/21) — confirmed green this session.
              cutplan.py:50 mirrors the SAME ratified guard idiom (DB_ENV_GUARD tuple);
              it trips the same over-broad heuristic, introducing no new defect class.

6. No-mutation statement for this doc

performed: read-only git/file inspection; local unittest runs (no DB env, net-zero);
  byte-exact move-aside/restore proof; read-only PG schema probe (doc 3). KB doc created.
NOT performed: no commit/push/merge/tag/deploy · no code edit · no CUT/VERIFY · no DB/IU/
  Directus/vector write · no source/version mutation · no self-advance.

doc 1 of 5. Nothing committed/executed against production. Self-advance PROHIBITED.