KB-398A

Checkpoint — B7 Governed Export-Packet Pipeline — tool-kiem-thu (2026-06-10)

Revision 1
Tags: tool-kiem-thu · b7 · checkpoint · governed-export-packet · PARTIAL · reference-validated · 2026-06-10

Date: 2026-06-10 · Final status: B7_GOVERNED_EXPORT_PACKET_PARTIAL
Production mutation: NO · Codex: NO · Mac-local evidence: NO · MVP live DB access: NO · New repo: NO · Article 13: PASS · Article 14: PASS

Scope

Program macro PROGRAM_MACRO_CLOSE_B7_GOVERNED_EXPORT_PACKET_PIPELINE_AND_PHASE4_READINESS_2026_06_10: close the B7 governed export-packet pipeline end-to-end (source authority → named-query/export contract → provenance packet → offline MVP consumption/test → Phase 4 readiness) or produce action-ready blockers. Result: the export-packet CORE is closed with real evidence; the residual promotion/service/writer/gate items remain as action-ready blockers, so the overall status is PARTIAL. Work was read-only on governed surfaces; the only writes were KB documents (the deliverables) and local validation artifacts in /tmp.

What closed (real evidence, 2026-06-10)

  • Source authority verified live: role context_pack_readonly (rolsuper/createrole/createdb/bypassrls all false), DB directus; 17/17 target governed surfaces exist; native export/manifest/catalog precedents (dot_iu_command_catalog, context_pack_manifest, v_iu_collection_manifest/_export_status) found and reused.
  • Side-effect-SQL prevention live-proven (no mutation): INSERT/CREATE → only SELECT queries allowed; multi-statement → exactly one statement required; current_setting() restricted. Honest gap proven: SELECT pg_backend_pid()=514845 shows a SELECT can call a function ⇒ the named-catalog allowlist (empty today) is what stops side-effect functions, not the gateway alone.
  • Real governed packet produced: PKT-B7-REF-2026-06-10-001, manifest sha256:bba872b9…6097, 6 provenance-stamped items (309/219/102/309 rows/41 diag/224019). Fresh counts confirm the prior baseline (no CONFLICT).
  • Validation ran: b7_validate.py: 10/10 positive + 7/7 negative = B7_VALIDATION_PASS (tamper, missing provenance, local-first, manifest tamper, diagnostic-as-canonical, raw-SQL leak, freshness).
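
The gap in the side-effect-SQL bullet above, as an added example (not the project's gateway and not b7_validate.py): statement-level checks accept SELECT pg_backend_pid(), and only a function allowlist, empty here like today's catalog, refuses it. The function names, the regex tokenizer, the SELECT ... INTO refusal and the allowlist reason string are assumptions; the two gateway reason strings reuse the page's wording.

```python
import re

# Assumption: stand-in for the named-catalog function allowlist (empty today per the page).
ALLOWED_FUNCTIONS = frozenset()

# String literals and comments are blanked first so their contents cannot
# fake or hide a ';' or a call. Assumes standard '' escaping, no dollar-quoting.
_STRIP = re.compile(r"'(?:[^']|'')*'|--[^\n]*|/\*.*?\*/", re.S)
# An identifier (optionally double-quoted) directly followed by "(".
_CALL = re.compile(r'("?)([A-Za-z_][\w$.]*)\1\s*\(')
# Unquoted keywords that may precede "(" without being a call. Anything not
# listed is treated as a function, so the check fails closed.
_KEYWORDS = frozenset("select from where in exists and or not on as any all "
                      "join over by when then else union having".split())


def gateway_check(sql):
    """Statement-level checks only; returns a rejection reason or None."""
    body = _STRIP.sub(" ", sql).strip().rstrip(";").strip()
    if ";" in body:
        return "exactly one statement required"
    # SELECT ... INTO creates a table in PostgreSQL, so it is refused as well.
    if not re.match(r"select\b", body, re.I) or re.search(r"\binto\b", body, re.I):
        return "only SELECT queries allowed"
    return None


def called_functions(sql):
    """Names in call position, sorted; quoted names keep their case."""
    body = _STRIP.sub(" ", sql)
    return sorted({name if quote else name.lower()
                   for quote, name in _CALL.findall(body)
                   if quote or name.lower() not in _KEYWORDS})


def catalog_check(sql, allowed=ALLOWED_FUNCTIONS):
    """Gateway checks plus the function allowlist; returns a reason or None."""
    reason = gateway_check(sql)
    if reason:
        return reason
    denied = [f for f in called_functions(sql) if f not in allowed]
    return "function not in allowlist: " + ", ".join(denied) if denied else None


if __name__ == "__main__":
    # Constructed sample queries, one per behaviour named in the bullet.
    for q in ("INSERT INTO t VALUES (1)", "SELECT 1; SELECT 2",
              "SELECT pg_backend_pid()", "SELECT current_setting('server_version')"):
        print(f"{q!r}: gateway={gateway_check(q)!r} catalog={catalog_check(q)!r}")
```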

Deliverables (KB)

  1. contracts/b7-governed-export-step-contract-2026-06-10.md
  2. designs/b7-named-query-catalog-spec-2026-06-10.md (PROVISIONAL non-authority)
  3. designs/b7-governed-packet-schema-2026-06-10.md (b7-governed-packet/v1)
  4. contracts/offline-mvp-governed-packet-consumption-contract-2026-06-10.md
  5. designs/b7-governed-export-packet-acceptance-test-matrix-2026-06-10.md
  6. reports/b7-governed-export-packet-validation-report-2026-06-10.md
  7. planning/phase4-call-contract-readiness-map-after-b7-2026-06-10.md
  8. checkpoints/action-ready-blocker-after-b7-governed-export-packet-2026-06-10.md
  9. this checkpoint
  10. 00-index update

Local evidence (non-authority): /tmp/tki-ci/b7-governed-packet-sample-2026-06-10.json, /tmp/tki-ci/b7_validate.py.

Why PARTIAL not READY (honest)

  • Named-query catalog is provisional non-authority — no governed catalog surface exists; promotion needs owner/Codex (B7-EXP-1).
  • Automated export service not built — export was operator-run; automation/network-policy is D9/B7-EXP-2.
  • KB report writer (D10) and gate-consumer (D11) are prohibited to build in this macro and remain blocked.
  • MVP consumption validated at schema/contract level (packet is schema-compatible with the Phase-2 packet_loader); MVP was not given live access.

Honest caveats / not claimed

  • No Codex consulted. No production mutation. No global-absence claim (absence is scoped NOT_EVIDENCED_IN_ALLOWED_SURFACES). No proof-of-run/execution semantics created. The MVP gained no live/driver/writer/gate capability.

Next safe step

Author the Call Contract design packet internally (read-only, no build, no Codex) — the keystone for Phase 4. In parallel: owner decides catalog promotion (B7-EXP-1) and whether to route the accumulated Phase 2/3 + B7 evidence to Codex for an external seal.

knowledge/dev/laws/tool-kiem-thu/checkpoints/checkpoint-b7-governed-export-packet-pipeline-2026-06-10.md