Codex FIX7 Critical Review - MB01 Legacy Entrypoint Neutralization
02 - MB-01 Legacy Entrypoint Neutralization
Verdict
CHECK_B_MB01_FAIL_NEEDS_T1_FIX
Blockers
CR-B1 - Binding target uses name-pattern authority
S00 makes the complete legacy target a sealed, load-bearing target derived from pg_class/pg_proc using owner=directus and the QT001 name pattern. S15/S16/S17 then use that set as authority. This is not merely diagnostic inventory; it controls REVOKE, ownership transfer, and freeze. It therefore violates G-PGNATIVE's own prohibition on name-pattern authority and amounts to a disguised hardcode.
Required T1 fix: define a PG-data-driven classification/registration contract that establishes each legacy control object by typed disposition and dependency evidence, with both-EXCEPT against live catalogs. Name patterns may seed candidates only; they cannot decide the final set. The final target must include exact object identity/signature/kind and prove zero unclassified relevant executable/dependency surface.
CR-B2 - Stub scope contradiction
S15/doc02 say fail-closed stubs only on apply/writer entrypoints. PKG-F says replace each object in the entire 46-functions-plus-procedure set with a fail-closed stub. These are materially different operations.
Required T1 fix: choose and specify one scope. Codex does not approve stubbing every legacy function without per-signature source capture, dependency proof, and complete body-restore rollback. Prefer REVOKE over the classified complete set and stub only explicitly approved authoritative apply/writer entrypoints.
CR-B3 - Function/procedure identity must be exact
The blueprint must consistently state 46 functions plus 1 procedure, and bind each executable using schema + name + identity arguments + prokind/OID capture, not names alone.
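A sketch of the both-EXCEPT check that CR-B1 and CR-B3 ask for, as an added example that is not part of the blueprint or of the reviewed packages. Assumptions: the registry table `legacy_control_registry`, its columns and its disposition values are hypothetical, and the live-scope predicate (all routines owned by `directus`) stands in for whatever the T1 contract defines as the relevant executable surface.

```sql
-- Hypothetical registry (assumed name and columns): one row per classified
-- legacy executable, keyed by exact identity rather than by name alone.
CREATE TABLE IF NOT EXISTS legacy_control_registry (
    schema_name   text   NOT NULL,
    routine_name  text   NOT NULL,
    identity_args text   NOT NULL,  -- pg_get_function_identity_arguments()
    prokind       "char" NOT NULL CHECK (prokind IN ('f', 'p')),
    captured_oid  oid    NOT NULL,  -- OID recorded at classification time
    disposition   text   NOT NULL   -- typed disposition (assumed values)
        CHECK (disposition IN ('revoke_only', 'stub_apply_writer')),
    PRIMARY KEY (schema_name, routine_name, identity_args)
);

-- Both-EXCEPT: any row returned is drift, so REVOKE, ownership transfer
-- and freeze must not proceed until this query returns zero rows.
WITH live AS (
    SELECT n.nspname::text                           AS schema_name,
           p.proname::text                           AS routine_name,
           pg_get_function_identity_arguments(p.oid) AS identity_args,
           p.prokind,
           p.oid                                     AS captured_oid
    FROM pg_proc p
    JOIN pg_namespace n ON n.oid = p.pronamespace
    WHERE pg_get_userbyid(p.proowner) = 'directus'  -- assumed scope predicate
      AND p.prokind IN ('f', 'p')
),
registered AS (
    SELECT schema_name, routine_name, identity_args, prokind, captured_oid
    FROM legacy_control_registry
)
SELECT 'unclassified_live' AS drift, a.*
FROM (SELECT * FROM live EXCEPT SELECT * FROM registered) a
UNION ALL
SELECT 'registered_not_live' AS drift, b.*
FROM (SELECT * FROM registered EXCEPT SELECT * FROM live) b;

-- Cardinality check against the count the blueprint must state:
-- expected result is functions = 46, procedures = 1.
SELECT count(*) FILTER (WHERE prokind = 'f') AS functions,
       count(*) FILTER (WHERE prokind = 'p') AS procedures
FROM legacy_control_registry;
```

Because `captured_oid` is part of the compared row, a routine that was dropped and recreated under the same signature shows up in both drift directions instead of silently matching.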