dot-iu-cutter v0.5 WS-Q5 Registry Substrate — Production Read-only Preflight Result

Phase: v0_5_WS_Q5_registry_substrate_production_preflight_and_command_package · Nature: read_only_preflight_plus_command_package__no_apply · Date: 2026-05-18 Authority (consumed, NOT reopened): GPT review …WS-Q5-registry-substrate-isolated-dryrun-gpt-review-2026-05-18 → verdict ISOLATED_DRYRUN_PASS__PRODUCTION_PREFLIGHT_NEXT, route OPTION_C_HYBRID_WITH_SEPARATE_PRODUCTION_COMMAND_REVIEW.

⚠️ GATING BANNER

phase: read_only_production_preflight
queries_run: read_only_catalog_SELECT_only   # QG1
ddl_executed: none                            # QG4 — no CREATE/ALTER/DROP
production_write: none
dml_seed: none
grant_role_change: none
directus_mutation: none
secrets_recorded: none                        # QG7
execution_authorized: false
self_advance: PROHIBITED
decision_authority: GPT / User ONLY

---

1. Target identifier (safe-redacted)

access_method: SSH (BatchMode, ConnectTimeout) to configured host alias 'contabo'
               -> docker exec into container `postgres`
               -> psql -U directus -d directus  (peer/trust local socket inside container)
vps_host: <redacted — SSH alias 'contabo'; IP not recorded here>
vps_node: vmi3080463  (Linux 6.8.0-90-generic x86_64)
db_container: postgres
database: directus
production_system_identifier: 7611578671664259111
expected_production_sysid:    7611578671664259111   # from prior v0.x records + dry-run log
sysid_match: TRUE  -> this IS the real production directus PostgreSQL
postgres_major: 16  (production; dry-run was 14.17 — see dry-run N-1, semantics identical for the types/constraints used)
secrets: NONE recorded — no password printed; POSTGRES_PASSWORD never read; only POSTGRES_USER/POSTGRES_DB (non-secret) inspected

2. Read-only confirmation (QG1)

operations_performed: ONLY SELECT against pg_catalog / information_schema
mutating_statements: ZERO  (no CREATE, ALTER, DROP, INSERT, UPDATE, DELETE,
  GRANT, REVOKE, COMMENT, BEGIN/COMMIT-of-DDL)
write_to_disk_on_vps: none
directus_api_touched: none

3. Queries executed (read-only)

-- 3.1 production identity
SELECT system_identifier FROM pg_control_system();
-- 3.2 schema presence
SELECT count(*) FROM information_schema.schemata WHERE schema_name='cutter_governance';
-- 3.3 existing table inventory
SELECT string_agg(tablename,', ' ORDER BY tablename) FROM pg_tables WHERE schemaname='cutter_governance';
SELECT count(*) FROM pg_tables WHERE schemaname='cutter_governance';
-- 3.4 collision probe vs the 12 WS-Q5 names
SELECT string_agg(tablename,',') FROM pg_tables
 WHERE schemaname='cutter_governance'
   AND tablename IN ('matcher_config_registry','address_template_registry',
   'grammar_profile','grammar_profile_level','grammar_profile_status_marker',
   'source_family_registry','source_document_registry',
   'source_document_version_registry','entity_kind_registry',
   'entity_reference_registry','authority_override','metadata_key_registry');
-- 3.5 baseline constraint / object counts (B-2)
SELECT contype::text, count(*) FROM pg_constraint c
  JOIN pg_namespace n ON n.oid=c.connamespace
 WHERE n.nspname='cutter_governance' GROUP BY contype;
SELECT relkind::text, count(*) FROM pg_class c
  JOIN pg_namespace n ON n.oid=c.relnamespace
 WHERE n.nspname='cutter_governance' GROUP BY relkind;

4. Results

cutter_governance_schema_exists: yes        # information_schema.schemata count = 1
existing_table_count: 12
existing_tables:
  - canonical_address_alias
  - cut_change_set
  - cut_change_set_affected_row
  - decision_backlog_dependency
  - decision_backlog_entry
  - decision_backlog_history
  - decision_backlog_sweep_log
  - dot_pair_signature
  - manifest_envelope
  - manifest_unit_block
  - review_decision
  - verify_result
drift_check: PASS — the observed 12 match exactly the DDL-draft "existing 12
  (UNTOUCHED)" set (decision_backlog_*, manifest_*, review_decision,
  dot_pair_signature, cut_change_set*, verify_result, canonical_address_alias).
  No unexpected/extra base table present.
collision_with_12_new_tables: NONE   # 0 of 12 WS-Q5 names exist -> 0 collision
zero_collision: yes

baseline_constraints (B-2):
  primary_key (p): 12
  foreign_key (f): 19
  unique (u):      2
  check (c):       1     # pre-existing; NOT introduced by WS-Q5
baseline_objects:
  relkind r (ordinary table): 12
  relkind v (view):           12   # v0.3 read-observability v_*_observe views
  relkind i (index):          18

5. Expected post-apply deltas (for the verification package)

tables (r):     12 -> 24   (+12)
primary_key (p):12 -> 24   (+12)
foreign_key (f):19 -> 27   (+8)
unique (u):      2 ->  6   (+4)
check (c):       1 ->  1   (UNCHANGED — WS-Q5 authors 0 CHECK)
view (v):       12 -> 12   (UNCHANGED)
rows in 12 new tables: 0   (no DML seed in this package)
production_system_identifier: 7611578671664259111 (UNCHANGED before==after)

6. Preflight verdict

preflight: PASS
reasons:
  - real production confirmed (sysid match)
  - cutter_governance schema exists -> production artifact MUST NOT CREATE SCHEMA (QG2)
  - 0 collision with all 12 WS-Q5 names (QG3)
  - no schema drift; existing 12 tables match the design's UNTOUCHED set
blocked: false
escalation_needed: false   # no unexpected object / no drift -> restored-prod
  dry-run NOT triggered (per GPT review "escalate only if drift/collision")

7. Statements

• QG1: read-only catalog preflight performed BEFORE any command package is declared ready. QG3: 0 collision verified (not assumed). QG4: zero DDL/DML executed. QG7: no secrets in this file.
• This session HAS read-only VPS access (SSH alias contabo → docker exec postgres). Not BLOCKED. No production write performed; no route substitution.
• Self-advance PROHIBITED — doc 1 of 5; production apply NOT executed and still requires GPT/User sovereign approval. STOP after package complete → route GPT/User.

Companion files: production-apply-command-package, production-rollback-command-package, production-verification-command-package, production-command-review-report.