KB-5DC2
02 — Live Baseline + Backup (pre-state captured 2026-05-26 11:06 UTC)
4 min read Revision 1
dieu-45phase-1baselinebackuppre-statesilent-gap2026-05-26
02 — Live Baseline + Backup
Captured at 2026-05-26 11:06:00 UTC, before any DDL/DML.
PG identity
| Key | Value |
|---|---|
| Server | PostgreSQL 16.13 (Debian 16.13-1.pgdg13+1) on x86_64-pc-linux-gnu |
| Extensions installed | btree_gist, pgcrypto, plpgsql, postgres_fdw |
pg_cron installed |
No (0 rows in pg_extension WHERE extname='pg_cron') |
| Database | directus |
| Role used | workflow_admin |
Row counts (pre-apply)
| Table | Rows |
|---|---|
event_outbox |
133,784 |
event_read |
133,445 |
event_subscription |
3 |
event_type_registry |
31 |
dot_config |
86 |
information_unit |
175 |
iu_route_dead_letter |
0 |
dot_iu_runtime_lease |
0 |
dot_iu_command_catalog |
41 |
dot_iu_command_run |
22 |
iu_vector_sync_point |
152 |
Object counts (pre-apply, public schema)
| Surface | Count |
|---|---|
| Tables (BASE) | 268 |
| Views | 52 |
| Functions | 507 |
Silent gap on iu_route_worker_cursor
| Field | Value |
|---|---|
worker_name |
iu_outbound_default |
event_domain |
iu |
last_run_at |
2026-05-22 11:31:41.928657 UTC |
| Age at baseline | 344,058 seconds ≈ 95.6 hours |
This is the §15.5 silent-gap violation flagged in [[feedback-dieu45-silent-gap-violation-post-enactment]]. Phase 1 does not restart this worker; it provides the substrate (fn_queue_heartbeat_tick, queue_heartbeat, v_queue_health) that Phase 2 will use to close the gap.
Negative-existence checks (must remain absent)
| Object | State |
|---|---|
public.production_documents |
absent (to_regclass → null) |
public.job_queue |
absent |
public.job_dead_letter |
absent |
public.queue_heartbeat |
absent |
Existing dot_config shape (confirmed via information_schema)
key:text, value:text, description:text, updated_at:timestamp with time zone
Phase 1 queue.* keys insert correctly into this 4-column shape.
Existing event_outbox.safe_payload_check (mirrored into job_queue)
CHECK (
NOT (safe_payload ? 'body')
AND NOT (safe_payload ? 'content')
AND NOT (safe_payload ? 'raw')
AND NOT (safe_payload ? 'vector')
AND NOT (safe_payload ? 'embedding')
AND NOT (safe_payload ? 'secret')
AND NOT (safe_payload ? 'token')
AND NOT (safe_payload ? 'password')
AND NOT (safe_payload ? 'ssn')
AND NOT (safe_payload ? 'personal_data')
)
Verbatim mirrored into:
job_queue.job_queue_payload_safe_check(onpayload_json)job_dead_letter.job_dead_letter_payload_safe_check(onpayload_json)queue_heartbeat.queue_heartbeat_metadata_safe_check(onmetadata)
Function security pattern observed
| Function | SECURITY | Lang |
|---|---|---|
fn_iu_create |
DEFINER | plpgsql |
fn_iu_cut_from_manifest |
DEFINER | plpgsql |
fn_iu_op_mark_file |
INVOKER | plpgsql |
fn_iu_route_worker_run |
INVOKER | plpgsql |
Phase 1 mutating fns (fn_job_enqueue, fn_job_claim, fn_job_ack, fn_job_move_to_dead_letter, fn_job_fail_or_retry, fn_queue_heartbeat_tick) use SECURITY DEFINER to match the core-primitive precedent. The read-only fn_queue_stale_check uses SECURITY INVOKER.
Backup file
/opt/incomex/backups/dieu45-phase1/pre-dieu45-phase1-20260526T110807Z.dump
size: 82,775,116 bytes (Fc custom format)
sha: captured by pg_dump format header
Why the substrate decisions are safe to apply
- Three new tables. No reuse of existing tables.
- All new functions short-circuit when their gate is
false. - Conservative defaults: 4/4 master gates default false; nothing emits, ticks, or runs.
- Phase 1 does not touch any of the 268 pre-existing tables, 507 pre-existing functions, 52 pre-existing views, or 86 pre-existing dot_config rows.