110000x · 11 — Carry-Forward

A. Memory updates

New

1. [[project-iu-core-110000x-operator-alias-surface-d30-d31-protection]] — project memory for this macro (PARTIAL_WITH_EXACT_GAP — DDL apply pending operator action; alias surface + tests + onboarding pack authored; KB reports + START-HERE pack uploaded).

2. [[feedback-operator-alias-surface-wraps-not-bypasses]] — operator wrappers (fn_iu_op_*) MUST be thin shells over live pipeline fns. They translate "short form" intent into a deterministic call. They MUST NOT add any bypass path for G1-G7 / verify-mark / verify-cut / no-vector / composer-gate.

   • Why: bypass shortcuts would defeat Điều 31 integrity.
   • How to apply: any future "alias" or "shortcut" PR must show the wrapper body contains only argument translation + a single call to the wrapped fn (plus optional in-TX gate toggle).

3. [[feedback-alias-cut-resolves-source-hash-from-staged-manifest]] — fn_iu_op_cut reads payload_json->>'source_hash' from the staging record's cut_manifest part. This preserves G6 (source_changed) semantics — operator cannot pass an arbitrary hash through the alias.

   • Why: re-routes G6 protection through the alias surface without weakening it.
   • How to apply: any new "cut-from-staging" alias must follow this read-then-pass pattern.

4. [[feedback-dot-iu-command-catalog-target-functions-required]] — dot_iu_command_catalog.target_functions is ARRAY NOT NULL. New DOT entries must pass explicit ARRAY[...] of fn names.

   • Why: 90000x/91000x memories did not record this column constraint.
   • How to apply: every INSERT INTO dot_iu_command_catalog ... must include this column.

Refresh

• [[feedback-cut-from-manifest-g7-via-composer-enabled-config-key]] — confirmed: operator alias fn_iu_op_cut(p_open_composer:=true) performs in-TX UPDATE dot_config and is safely reverted by ROLLBACK; for durable cuts, operator must close explicitly.

B. Operator commit (single commit recommended)

Apply 042R_iu_core_operator_aliases.sql durably + bump SSOT + pinning tests in one commit:

PR title: iu-core(110000x): operator alias surface + Điều 30/31 protection + START HERE

File	Change
migrations/postgres/042R_iu_core_operator_aliases.sql	new file (full SQL in report 02)
cutter_agent/iu_core/dot_commands.py::_REGISTRY	+5 entries (operator aliases)
D9 conformance test	public_fns 502→507, dot_catalog 36→41
Pinning tests	+5 alias names at 15 sites

C. Next gate — first DURABLE Điều 37 cut

After 110000x apply + START-HERE deployed, the next genuine production milestone is a durable Điều 37 cut (no ROLLBACK):

1. Fresh agent reads START-HERE.
2. Issues:

   MARK file knowledge/dev/laws/dieu37-governance-organization-law.md theo quy trình operational-cut-workflow, lưu vào No-Vector Staging Zone
   

3. Operator reviews staged MARK (cut_manifest part).
4. Issues VERIFY MARK staging_id <sid> with apply=true + approval_doc_id pointing at the review document.
5. Operator opens composer gate.
6. Issues CUT staging_id <sid>, output IU corpus, verify reconstruct + Axis A/B/C — no BEGIN/ROLLBACK wrap.
7. Operator closes composer gate immediately.
8. VERIFY CUT run_id <rid>.
9. KB report …/v0.6-iu-core-120000x-first-durable-dieu37-cut/.

Expected delta: public.information_unit +13 (one per Điều 37 section), dot_iu_command_run +1 applied audit, staging row consumed. iu_vector_sync_point unchanged.

D. Untouched surfaces re-confirmed for safety

Surface	Why preserved
production_documents	absent + mission rule + alias bodies clean
Qdrant iu_core_iu_chunks	mission rule + zero outbound calls
Nuxt deployment	mission rule
iu_core.retention_enabled gate	unchanged (false)
iu_core.composer_enabled gate	restored false at exit
PR #669	untouched
037/038/039/040R/041R fn bodies	unchanged
Pre-existing IU pieces (DIEU-28/32/35)	unchanged
25000x mig 033	unchanged
Cutter-agent SSOT / pinning tests	NOT bumped (operator's commit)
iu_core schema	no new tables; no constraint changes

E. The exact gap (PARTIAL verdict)

110000x cannot land mig 042R via this Claude MCP session — the session exposes only read-only SQL (query_pg) and a narrow file-write path. Same channel constraint that prevented Phase G of 90000x reports from running live. The gap is:

042R + 5 operator alias fns + 5 DOT catalog entries are AUTHORED and ready to apply. Operator must execute them via the same workflow_admin socket-trust channel used in 91000x / 100000x:

ssh contabo
docker exec -i postgres psql -U workflow_admin -d directus -v ON_ERROR_STOP=1 < /tmp/042R_iu_core_operator_aliases.sql

All test suites (D30 T1-T8, D31 R1-R9, MARK proof, CUT bounded proof, axis ABC verification) are parameterized and ready to run post-apply. NVSZ + 5 pipeline fns are unchanged (live since 100000x).

F. Lessons (one-line each)

• The "short command" UX is two layers, not one — agent-side parser + SQL alias wrapper. Either alone gives a worse experience.
• Wrappers must read state, not duplicate it — fn_iu_op_cut resolving source_hash from the staged manifest is the right pattern: alias adds convenience without adding bypass.
• target_functions ARRAY NOT NULL was an undocumented contract until now — recorded as feedback memory so future DOT registration doesn't trip.
• PARTIAL_WITH_EXACT_GAP is honest when the apply channel is genuinely out of scope — the alias surface IS designed; the apply step is operator hands.

G. Cross-links

• Report 00 — summary
• Report 02 — full mig 042R SQL
• Report 03 — D30 regression suite
• Report 04 — D31 integrity contract
• Report 09 — short runbook
• …/v0.6-iu-core-cutting-operator-start-here/ — onboarding pack (Phase J)
• 80000x doctrine — MARK is not CUT
• 100000x — last live PASS pipeline applied