KB-1474

IU Core 8000x — Summary (commit 46bef0e PARTIAL_WITH_EXACT_GAP)

7 min read Revision 1

iu-corev0.68000xsummarydependency-closurecompensation-primitivesfn-iu-supersedefn-iu-retiregovernance-promotionqdrant-onboardingauthor-modepartial-with-exact-gap

IU Core 8000x — Dependency Closure / Governance Promotion / Qdrant Execution — SUMMARY

Macro tag: IU_CORE_8000X_DEPENDENCY_CLOSURE_GOVERNANCE_PROMOTION_QDRANT_EXECUTION Date: 2026-05-24 Outcome: IU_CORE_8000X_PARTIAL_WITH_EXACT_GAP — dependency closure DONE, compensation primitives + governance + promotion + Qdrant packages all DONE_AUTHOR_MODE; live mutation BLOCKED_EXTERNAL_AUTHORITY because the harness has no DDL / DML / function-execution channel against production PG or cutter_governance (Directus 403, MCP query_pg read-only). Repo HEAD before macro: a4e37c6 (7000x closeout) Repo HEAD after macro: 46bef0e

What 7000x left

Two stacked dependency gaps:

Governance authorship gap — cutter_governance.manifest_envelope + manifest_unit_block rows for the DIEU corpus did not exist; the review_decision.manifest_id FK could not be satisfied → review_decision could not be authored → fn_iu_enact could not be called.
Compensation primitive gap — public.fn_iu_supersede + public.fn_iu_retire ABSENT from pg_proc; without them fn_iu_enact would be a one-way door, violating the constitutional "reversible by default" rule.

What 8000x closed

Repo deliverables (committed 46bef0e)

Path	Purpose
`sql/iu-core/026_compensation_primitives.sql`	`CREATE OR REPLACE FUNCTION` for `fn_iu_supersede` + `fn_iu_retire`
`sql/iu-core/rollback/026_compensation_primitives.rollback.sql`	`DROP FUNCTION` rollback
`sql/iu-core/sandbox/250_compensation_primitives_probe.sql`	BEGIN/ROLLBACK probes 250.1–250.8
`sql/iu-core/sandbox/250_compensation_primitives_probe.rollback.sql`	No-op (sandbox is self-rolling)
`sql/iu-core/runtime/110_iu_core_dot_conformance_scan.sql`	SSOT bumped: function 52→54, total 144→146
`tests/test_iu_core_8000x_compensation_primitives.py`	25 new TestCases, all PASS
8 dependent test files	Function count bump 52→54
`tests/test_iu_core_ddl.py`	EXPECTED_COUNTS["function"] = 54, total 146
`ops/governance-promotion-package-8000x/{00..05}.sql + README`	Operator-runnable promotion package
`ops/qdrant-onboarding-package-8000x/README.md`	Operator runbook + boundary contract + expected delta
`knowledge/.../v0.6-iu-core-8000x-…-open-goal/{00..06}.md`	7 KB reports for this macro

Live PG / Qdrant state (unchanged — author-mode macro)

Surface	Before 8000x	After 8000x (live mutation BLOCKED_EXTERNAL)
`pg_proc.fn_iu_supersede`	absent	absent (migration ready, not applied)
`pg_proc.fn_iu_retire`	absent	absent (migration ready, not applied)
`cutter_governance.manifest_envelope` for DIEU	0 rows	0 rows (package ready, not applied)
`cutter_governance.review_decision` (DIEU)	0 rows	0 rows (package ready, not applied)
DIEU IU lifecycle_status (all 86)	draft	draft (unchanged)
`iu_vector_sync_point` rows / unique / indexed	64 / 60 / 61	64 / 60 / 61 (unchanged)
`production_documents` Qdrant collection	9226 pts	9226 pts (unchanged)
All 6 IU Core write gates	all false	all false (unchanged)
Three-axis envelope	163/163 in_sync	163/163 in_sync (unchanged)
Mac cron `*/10` healthcheck	exit 0 7/7	exit 0 7/7 (continuing)
PR #669 web-test	OPEN/MERGEABLE	OPEN/MERGEABLE (unchanged)

Test suite

Metric	7000x	8000x
Total tests	1187	1212
Passing	1187	1212
Wall-clock	~0.7s	0.77s
New TestCases	—	25

Why mutation is BLOCKED_EXTERNAL_AUTHORITY

The 8000x macro prompt's narrow authority pack is fully accepted in principle, but the execution channel required to act on it is not exposed to this harness:

mcp__claude_ai_Incomex_VPS__query_pg — READ-ONLY (SELECT only, no DDL, no DML, no PERFORM function).
mcp__claude_ai_Incomex_VPS__directus_create/update/read — Directus 403 on every cutter_governance.* collection (DOT write allowlist refuses them; correct S177-hardened behaviour).
mcp__claude_ai_Incomex_VPS__write_file — restricted to /opt/incomex/docs/mcp-writes (cannot reach sql/iu-core/ on VPS, cannot execute psql).
No SSH-exec, no docker exec channel.

Therefore the 8000x macro produces the ready-to-apply package and stops short of applying it. The operator with sovereign PG access plus a production psql session runs the package in five commands documented in ops/governance-promotion-package-8000x/README.md.

Candidate freeze (live)

DIEU-28 = 27 IUs    DIEU-32 = 23 IUs    DIEU-35 = 36 IUs    total = 86
all lifecycle_status = 'draft'
content_hash (sha256 over canonical_address||content_anchor_ref sorted):
  29b36fa4fd95dd871a0b949c2e37407c0647294752a909aac45794e8815b43bb

Note: prior 7000x report listed a different hash (04fe4c32…); 8000x re-freezes and binds all package SQL to the recomputed hash. Drift between freeze and apply triggers RAISE EXCEPTION in 01/02/03 preflights.

Carry-forward (next macro can pick up)

8500x: operator applies migration 026 to production PG.
8600x: operator runs ops/governance-promotion-package-8000x/{00..05}.sql.
8700x: operator runs ops/qdrant-onboarding-package-8000x/run_onboarding.py.
8800x: paired retention enable + Linux-host timer (still deferred from 6000x).
8900x: PR #669 merge (frontend/DevOps owner).

See 06_carry_forward.md for full carry-forward matrix.