Incomex AI Portal
KB-46D2

IU Core 60x Delivery/Non-reparent — 07 Final report (PASS)

7 min read Revision 1
dieu44iu-core-mvp60xfinal-reportiu-core-60x-durable-nonreparent-delivery-prep-passv0.62026-05-22

IU Core — 60x Durable Non-reparent / Delivery / Auto-cut — Final Report

  • Macro: IU_CORE_DURABLE_NONREPARENT_DELIVERY_AUTOCUT_60X_OPEN_GOAL
  • Date: 2026-05-22
  • Host: MacBook/dev /Users/nmhuyen/iu-cutter-build/repo/iu-cutter
  • Production: VPS vmi3080463, container postgres (postgres:16), DB directus
  • Outcome: IU_CORE_60X_DURABLE_NONREPARENT_DELIVERY_PREP_PASS

1. Final status

IU Core advanced from "all six structure-op types implemented + proven in sandbox/070, non-reparent NOT durably enacted, delivery seam unbuilt" to: the first durable non-reparent structure operation enacted on production (a reversible deprecate_piece); the route delivery seam built, applied, proven, and exercised in one controlled dry_run=false delivery to an internal sql_function consumer; the auto-cut → structure-op → event → delivery chain proven DB-backed. No external delivery; no production CUT; no execution_enabled flip.

2. What changed

Repo — commit 8a450a7 (parent 4b0d6f5), +1394/-39, 12 files

  • 013_delivery_seam.sql (+ rollback) — iu_tree_change_log table, fn_iu_delivery_enabled, fn_iu_structure_consumer, fn_iu_route_deliver rebuilt, fn_iu_outbound_route_delivery_guard + trigger; static CHECK swapped.
  • runtime/200_delivery_seam_register.sql (+ rollback) — the two delivery config keys, registered closed/empty.
  • runtime/210_durable_deprecate_piece.sql — the first durable non-reparent op (discovery-driven deprecate_piece).
  • runtime/220_delivery_dryrun_false_proof.sql — the controlled dry_run=false worker delivery proof.
  • sandbox/080_delivery_seam_probe.sqlBEGIN…ROLLBACK 9-probe proof.
  • runtime/110 — DOT SSOT inventory 53 → 60.
  • delivery_seam.pySqlFunctionDeliveryTarget mirrors the built seam.
  • test_iu_core_60x_delivery_seam.py + 2 updated test files — 686 → 712.

Production directus DB (durable)

  • Migration 013 + runtime/200 applied — delivery seam built, inert (gate closed, allowlist empty).
  • runtime/210 — 1 durable deprecate_piece op 158a9bcf…; IU pilot.iu0.test-001 draft → deprecated; structure_piece_deprecated event.
  • runtime/220 — 1 controlled dry_run=false delivery → 1 iu_tree_change _log projection row, 1 sent iu_route_attempt.
  • Result: iu_structure_operation 45→46, event_outbox iu 44→45, iu_route_attempt 44→45 (1 sent), iu_tree_change_log 0→1, iu_route_dead_letter 0.

3. Repo / branch / HEAD

Branch main; HEAD 4b0d6f58a450a7 (code) → 61e9bea (KB reports). No push/merge/tag.

4. Production backup + gates

Backup pg_dump -Fc/opt/incomex/backups/directus-pre-iucore-60x-20260522T032338Z.dump — 75 512 342 bytes — sha256 7160f32fbc27d5a14f43f51429c2362a143239f8bf3b33876a9fd2bf28bafc7b (279 TABLE DATA entries verified). All 14 mandatory gates PASS before any mutation.

5. No-hardcode / DOT / five-layer

  • No-hardcode: PASS — 0 secret/DSN/api-key/IP, 0 uuid literals in 013/ 210; identifiers + config keys + bus vocabulary only.
  • DOT: PASS — runtime/110 live scan 60/60, every class ok=true, D8 0 drift.
  • Five-layer: classified (doc 06) — PG real change; Directus data-only; Nuxt render only; AgentData/KB reports; Qdrant no impact.

6. Selected non-reparent candidate + discovery evidence

deprecate_piece chosen — the lowest-risk non-reparent op (lifecycle-only, no birth gate, no lineage edge, one row, reversible). Candidate selected by a discovery query (12 stale pilot.*/test/* scratch IUs matched the structural predicate; the oldest — pilot.iu0.test-001, 3ffbbaa5…, 2026-05-05 — was picked deterministically). No hardcoded id. See doc 02.

7. Durable non-reparent apply / verify

runtime/210 ran plan→apply→verify in one atomic transaction. Op 158a9bcf-fc4b-4919-a979-56ccdb2f127a planned→enacted; pilot.iu0.test-001 draft→deprecated; verify ok=true. Gate opened and closed in the same txn.

8. Rollback / compensation readiness

Proven BEGIN…ROLLBACK against the durable op: fn_iu_structure_op_rollback('158a9bcf…') restored deprecated→draft, verify ok=true status=rolled_back. Every other path reversible: rollback/013, runtime/rollback/200, gates closable, iu_tree_change_log truncatable.

9. Structure event + worker evidence

runtime/210 emitted a durable structure_piece_deprecated event (event_outbox stream update, payload_classification=safe_metadata). runtime/220's worker run processed it (seen=1 dead_lettered=0) and recorded an auditable iu_route_attempt (status=sent). The dry-run worker path for the structure-event family is proven additionally in sandbox/080 D7 (44 events).

10. Delivery seam result

Built (migration 013), applied inert, proven in sandbox/080 (9/9 probes: fail-closed gate, allowlist, idempotent consumer, config-backed trigger guard, worker integration at scale, autocut→delivery). The seam delivers ONLY to the internal fn_iu_structure_consumer — no network, no secret. See doc 03.

11. dry_run=false internal proof

Completed — runtime/220. One controlled dry_run=false delivery through the route worker to fn_iu_structure_consumer; durable footprint exactly one iu_tree_change_log row + one sent attempt; route + gates restored on COMMIT. External delivery stays blocked. See doc 04.

12. Auto-cut bridge proof

sandbox/080 D8 — an auto-cut-mapped add_new_piece applied (ok=true, birth gate minted one IU), emitted structure_child_added, and that event delivered through the new seam to a projection row. First DB-backed proof of the full auto-cut→delivery chain. delivery_seam.py advanced with SqlFunctionDeliveryTarget. No production CUT. See doc 05.

13. Tests

712 passed (was 686; +26 in test_iu_core_60x_delivery_seam.py; 3 DOT-count tests updated for the 53→60 inventory).

14. KB reports

Under .../v0.6-iu-core-60x-durable-nonreparent-delivery-autocut-open-goal/: 01-precheck-survey-backup.md, 02-durable-deprecate-piece.md, 03-delivery-seam.md, 04-dryrun-false-proof.md, 05-autocut-bridge-advance.md, 06-dot-nohardcode-fivelayer.md, 07-final-report.md (this file), 08-next-macro-package.md.

15. No forbidden action

No external downstream delivery; no production CUT; no broad lifecycle mutation; no ungoverned IU created durably; no destructive cleanup; no deploy/restart; no daemon; no cron; no execution_enabled flip; no secret logged; no push/merge/tag. GPT handoff not used as task input.

Back to Knowledge Hub knowledge/dev/laws/dieu44-trien-khai/v0.6-iu-core-60x-durable-nonreparent-delivery-autocut-open-goal/07-final-report.md