09 — Quarantine State Model & dot-pivot-update Classification (P7)
09 — Quarantine State Model & dot-pivot-update Classification (P7)
Lifecycle / quarantine states
| State | Meaning | Where computed |
|---|---|---|
STAGED_FILE_ONLY |
executable on disk, no dot_tools row |
P2 v_dot_pivot_update_status, fs_status='FILE_NO_REGISTRY' |
UNBORN |
entity row exists but no birth_registry row |
P1 v_birth_orphan |
BORN_NOT_REGISTERED |
birth row but not a live registry row | P1 v_birth_phantom (inverse) / reconcile |
REGISTERED_NOT_GOVERNED |
registered + born but no owner | P5 v_governance_row_object_gap (BORN_BUT_UNOWNED) |
GOVERNED_READY |
born + registered + owned (ospa) | all detectors clean |
QUARANTINED |
explicitly held; excluded from production use | P4 ledger decision='QUARANTINE' / P6 accepted-exceptions |
NOT_VALID_DOT |
executable under DOT path with no birth/registry/governance coverage | rule below |
Rule (constitutional): any executable file under the DOT filesystem path that has no birth + registry + governance coverage is NOT a valid DOT and must not be used for production cleanup.
dot-pivot-update — final classification (evidence-based, live)
dot_toolslookup by name/file_path/code ILIKE '%pivot-update%' → 0 rows (not registered).- Not born (no
birth_registryrow can exist without adot_toolsrow). - Not governed (row-grain governance doesn't exist yet; and it isn't even an inventory candidate).
- Prior recon: real file at
/opt/incomex/dot/bin/dot-pivot-update, root:root, +x, 14441 bytes, sha2563313c057…effc5, mtime 2026-06-03 07:19 — but invisible to DB/registry.
FINAL: STAGED_FILE_ONLY + UNBORN + NOT_VALID_DOT.
Consequence: forbidden to register, execute, or use it for RP cleanup. The lawful route to make it valid: (1) author/register via a governed registrar DOT (needs admin creds, currently absent), (2) birth via lawful trigger path, (3) onboard into row-level governance (needs ospa ≥ 1). Only after all three would v_dot_pivot_update_status read GOVERNED_READY. This is consistent with the prior RP macro's held COMMIT.
Where states are emitted
P1/P2/P5 views compute the state; P6 preflight reads them; P4 ledger records explicit QUARANTINE/EXEMPT/RETIRE decisions. No state is applied as a base-table mutation by this macro.