IU Core Hygiene — 05 Repairs, artifacts, automation/rollback readiness
IU Core Constitution/DOT Hygiene — 05 Repairs + artifacts
Repaired violations
R1 — Stale SSOT status header (sql/iu-core/README.md) — FIXED
The top-level package README still declared "001–005 are applied",
"runtime 010–030 installed", "7 tables, 2 views, 7 functions", master gate
"absent ⇒ off", and every route "enabled=false". All of that was stale
"miếng thông tin" — production has 001–009 + runtime 010–050/060/090, both
gates open, the outbound route enabled=true. The runtime/README.md was
current; the top-level one was not, so a reader hitting the package entry point
first got a false picture.
Fix: status header rewritten to the true live state (33 objects, both gates
open, dry_run=false still blocked). The two "repo-ahead-of-production" notes
for migrations 006/007 were marked CLOSED — both were applied to
production under the controlled-route macro.
R2 — Missing consolidated DOT scan (HYG-3) — FIXED
New artifact sql/iu-core/runtime/110_iu_core_dot_conformance_scan.sql — see
doc 03. Read-only, BEGIN … ROLLBACK, enumerates all 33 objects against an
in-file SSOT inventory, emits a per-class pass/fail verdict + a reverse drift
guard. Both READMEs updated to list it.
R3 — Pointer-only prompt KB stubs (HYG-4) — FIXED
The two prompt docs under …/prompts/iu-core-{controlled-route,worker-live}-…
contained metadata only, not the prompt body. Both were patched (revision 2)
with an explicit POINTER_ONLY_STUB status banner and a KB-hygiene note
directing readers to the macro's final report as the authoritative record.
They are no longer mistakable for prompt SSOT.
R4 — Five-layer impact never documented (HYG-5) — FIXED
Doc 04 (this package) + a concise five-layer note added to
runtime/README.md.
Artifacts produced
| Artifact | Type | Reversible / safe |
|---|---|---|
runtime/110_iu_core_dot_conformance_scan.sql |
new repo SQL (read-only) | mutates nothing — no rollback needed |
sql/iu-core/README.md |
repo doc edit | git-reversible |
sql/iu-core/runtime/README.md |
repo doc edit | git-reversible |
tests/test_iu_core_ddl.py |
+1 test class TestDotConformanceScan (+6 tests) |
git-reversible |
| 2 prompt KB docs | metadata banner patch (rev 2) | KB-reversible |
commit b9532a3 |
repo commit (parent 41d4fd7) |
git reset --hard 41d4fd7 |
No production object was created, altered, or dropped. The narrow
production-mutation approval (inert DOT metadata) was not exercised — the
DOT scan landed as a repo script, and its conformance evidence was gathered via
read-only query_pg. This is stricter than the approval allowed and needed no
backup.
Automation / rollback / disable readiness
| Operational path | Disable | Rollback | Verify | Status |
|---|---|---|---|---|
| Master gate | dot_config key false |
n/a (config) | 040 V4 / 110 D5 |
automated |
| Worker gate | runtime/080 |
rollback/090 |
070 W4 / 100 L1 |
automated |
| Routes | UPDATE … enabled=false |
rollback/020 |
040 V2 / 110 D7 |
automated |
| Triggers | rollback/030 (DROP TRIGGER) |
rollback/030 |
040 V3 / 110 D4 |
automated |
| Worker substrate | — | rollback/009→008 (refuse-if-history) |
070 W1 |
automated |
| DOT conformance | n/a (read-only) | n/a | runtime/110 |
automated (new) |
| Worker invocation/scheduling | — | — | — | OPEN — see doc 06 |
Every recurring operation except worker scheduling has a SQL function, script, healthcheck, or copy-paste runbook. No safety condition depends on a human remembering a sequence. The single open item — the worker's invocation/scheduling mechanism (HYG-6) — is architecture work deferred to the next macro; it is not a regression, because the worker is invocation-based and currently inert between calls.